Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Hacker Guardian Rate Topic   - - - - -

 
  • BarryH
  • Senior Member
  • Members
  • Join Date: 03-Sep 07
  • 1459 posts

Posted 16 February 2008 - 06:10 PM #1

Hi

I have recently installed Comodo SSL to our site, as part of the package we get a Hacker Scan on a daily basis.

My question is.... Has anyone else used this service or similar and how do you deal with the risks/errors that are generated. I mean how do you eliminate them.

We have passed the scans but have some minor issues to resolve!

BarryH

BarryH

 

CS-Cart v4.4.3 (Plus one being developed v4.5.2 SP2)
UK User


 

Posted 16 February 2008 - 06:28 PM #2

Been told that they're nothing more then eye-candy.
I can't see myself paying for one, considering the amount of cash that they charge for "automation" but not *real* hacking attempts via a humanoid life-form
I've moved on from CS-Cart to WooC******** - If you need anything I can be of little help.

 
  • Golfcart
  • Member
  • Members
  • Join Date: 18-Dec 07
  • 72 posts

Posted 16 February 2008 - 07:15 PM #3

The site I maintain is running Hacker Safe. Someone convinced the owner of the site that having the Hacker Safe logo would make customers feel safer. (Who knows – it does not make me feel safer.)

I think I have about 19 minor alerts (level 1) that Hacker Safe says I have. Since the logo still shows with the alerts, I have not fixed to fix any.

But – that’s why I am now using CS-Cart.

We were using another web hosting company that would not update their software and Hacker Safe would fail (too many alerts to keep icon visible). I was using Miva Merchant and a different web hosting company.
We switched to TVC.NET for hosting and I installed CS-Cart. I am very happy with the new software.

I would not pay for the service – but it’s not my money.

If you do not hold the credit card numbers, I would not worry about anything. Just always keep a backup copy of your site.

 
  • jobosales
  • Senior Member
  • Members
  • Join Date: 04-Nov 06
  • 3114 posts

Posted 17 February 2008 - 02:48 AM #4

I would be more amenable to paying a web host that extra money to make sure they are security-conscious and employ proper intrusion detection software - seems a better bet shoring up the foundation than tacking on some signage.

Maybe S-Combs will weigh in with his experience with these scanning services.

Bob
CS-Cart 2.0.14 (testing)

 
  • xmivite
  • Senior Member
  • Members
  • Join Date: 25-Jul 07
  • 101 posts

Posted 17 February 2008 - 07:01 AM #5

i dont think you can get rid of all the errors- ii use scan alert - they say it should give you a 6% - 9 % boost in conversions - we dont see it - but it could because the economy is suffering. or maybe the competition is getting harder - but as i do ranking checks - i am found pretty much where i have always been - some places little worse some little better- in general i cant see much differnce in traffic on the logs.. so - i dont know if its a justified thing- ofcourse if your site lacks credibilty it can help - but i guess maybe my users felt confident enough before -

about - errors i get some minor - and actually they can vary from scan to scan - not all are accurate and there are varying things that can effect the scan - -so if its not affecting you to the point that you are passing the scan.. - dont worry about it... other than this most of the scan problems are things your host needs to fix with your server.... - security patches for the web apps and such.......

one thing to consider with hacker safe - is seo boost, its not a cheap seal so most that use it are rather foundated organizations.. ie - reputable.. they have a major directory of all sites that are certified.. hacker safe has a pr of 9 i think - so thats an inbound link from a site that has a directory that you are in company with - i think its worth someting for SEO for this reason.....

 
  • jobosales
  • Senior Member
  • Members
  • Join Date: 04-Nov 06
  • 3114 posts

Posted 17 February 2008 - 07:51 AM #6

one thing to consider with hacker safe - is seo boost, its not a cheap seal so most that use it are rather foundated organizations.. ie - reputable.. they have a major directory of all sites that are certified.. hacker safe has a pr of 9 i think - so thats an inbound link from a site that has a directory that you are in company with - i think its worth someting for SEO for this reason.....

An inbound link that really only counts if you are selling related products. I doubt that Hacker Safe's high PR is going to do much for a site selling lingerie, pet products, well, you get the idea.

Bob
CS-Cart 2.0.14 (testing)

 
  • Earl
  • Member
  • Members
  • Join Date: 30-Oct 07
  • 44 posts

Posted 17 February 2008 - 11:53 AM #7

Hi all,
Let me say first I use a paid PCI scanning service with no logo for display.

I think there a couple factors that should be taken into account and these are

1. It is a good practice to have an independent verification of the work our hosting company said they did, after all the employees at the hosting company don't have a vested interest in your company.

2. You should try to come up to speed on the security issues and the possible impact they can have on your site, also it should be noted that if a company is found to have mishandled customers’ credit card information, they can be prohibited from processing credit cards.

3. All it takes is one weak link, e.g. your web server telling everyone who asks the type and version of the httpd or ftp server or weak encryption running, which could be a gold mine for a potential hacker. While I am not preaching security by obscurity it is important that we use all of the tools and techniques available to secure our web sites. Tools such as AFP, BFD and LogWatch.

BarryH, the best place to start is to talk to your hosting company.
Earl
Cs-Cart 1.3.5 sp2 | Linux VPS Hosting | MySql 5.0.27 | PHP 5.2.6

 
  • xmivite
  • Senior Member
  • Members
  • Join Date: 25-Jul 07
  • 101 posts

Posted 17 February 2008 - 09:01 PM #8

An inbound link that really only counts if you are selling related products. I doubt that Hacker Safe's high PR is going to do much for a site selling lingerie, pet products, well, you get the idea.

Bob


I strongly disagree, infact, i recently read a post by matt cutts that suggests that linking to and or being linked to sites that are not tightly related may actually be benificial. though, i agree frivilous linking will get you into trouble and minimally do you no good. but cetainly there are occassions in which a site may link to another site that is seemingly unrelated that still has merit and google understands this. Especially if its authority site -- indicated by its pr - further more - all the linking on the directory - is categorized and u are in company with others that are related.

hence, if all this had no weight in marketing - what the heck were people so anxious to do all that directory submission - ofcourse i have been doing marketing a long time and never gave credit to being in 5000 directories. now we see them all devalued.. considerably in pr recently - but certainly for along time - this was a marketing strategy - and that is perhaps why t hey have been devalued - and the rule now is to try to go inot more niche directories.. or those directories that are truely inovative and have a unque position. generally maintaining a higher page rank......

But again i suggest that links from authority sites such as the bbb and hacker safe put u in association with creditiblity -- and - that, if not weighted by google - should be or will be - there are only so many things that a search can do on page.. so off page they have to look at such things like this......

 
  • S-Combs
  • Senior Member
  • Members
  • Join Date: 09-Nov 06
  • 692 posts

Posted 17 February 2008 - 09:17 PM #9

I would be more amenable to paying a web host that extra money to make sure they are security-conscious and employ proper intrusion detection software - seems a better bet shoring up the foundation than tacking on some signage.

Maybe S-Combs will weigh in with his experience with these scanning services.

Bob


I made a similar reply to another post regarding my experiences with these services here Bob http://vb.cs-cart.co...992&postcount=4

I can't comment about the SEO benefits of carrying these services but I am not impressed with the effectiveness of their scans.
Secure Cart Hosting
[CS-Cart Optimized Solutions and Server Management]

 
  • jobosales
  • Senior Member
  • Members
  • Join Date: 04-Nov 06
  • 3114 posts

Posted 18 February 2008 - 12:20 AM #10

I strongly disagree, infact, i recently read a post by matt cutts that suggests that linking to and or being linked to sites that are not tightly related may actually be benificial. though, i agree frivilous linking will get you into trouble and minimally do you no good. but cetainly there are occassions in which a site may link to another site that is seemingly unrelated that still has merit and google understands this. Especially if its authority site -- indicated by its pr - further more - all the linking on the directory - is categorized and u are in company with others that are related.

I certainly would be interested in what Matt has to say about this but could not find anything in a quick search of his blog. Do you have a link? I am sure many here would like to see what he thinks about this.

hence, if all this had no weight in marketing - what the heck were people so anxious to do all that directory submission - ofcourse i have been doing marketing a long time and never gave credit to being in 5000 directories. now we see them all devalued.. considerably in pr recently - but certainly for along time - this was a marketing strategy - and that is perhaps why t hey have been devalued - and the rule now is to try to go inot more niche directories.. or those directories that are truely inovative and have a unque position. generally maintaining a higher page rank......

There is no question that directories played an important part in establishing a new site....some years ago. Directories originally helped a new site get crawled more quickly which is the reason many were willing to pay for a submission to the Yahoo directory. These days, most new sites will be crawled within a week whether or not there are included in a directory. I think you are making my point when you say "now we see them all devalued.. considerably in pr recently".

That does not mean that directories are useless, just that they are not particularly useful for inheriting PR. Targeted directories can still drive traffic (and potential sales) to your site. The question to ask is whether it is worth the cost either in the submission fee or the effort involved which is something everyone needs to assess for themselves.

But again i suggest that links from authority sites such as the bbb and hacker safe put u in association with creditiblity -- and - that, if not weighted by google - should be or will be - there are only so many things that a search can do on page.. so off page they have to look at such things like this......

I do not question that there can be benefits to being associated with a credible site like BBB. However, I do not start looking for a retailer by first visiting HackerSafe or even BBB - I search for the product and may check on the site's BBB grade if I see a seal. I have never done this with HackerSafe. I would really like to see some evidence from some SEO specialists stating that there is PR benefit from these "authority sites" even to non-related links.

As for your remark "if not weighted by google - should be or will be - there are only so many things that a search can do on page.. so off page they have to look at such things like this", I would find this somewhat disheartening if I was just starting up a small online business. It means that the price for entry has increased substantially just to get noticed in search listings: not only do you need to pay for direct advertising but you also need to pay for identity branding. While such branding will always be an advantage (both offline and online), small sites lacking these resources have still been able to compete without it to date.

It is also a little disconcerting to think about Google determining who is credible and who is not. Is a site credible because they have a high PR or is there some other minimum standard(s)? Do eBay or Paypal have high integrity? It depends on who you talk to.

At any rate, this is an interesting discussion and I look forward to reading Matt Cutt's article if you can post the link. However, I think that we should probably start a new thread to discuss the SEO benefits of these scanning services and let this thread stay focused on the security aspects.

Bob
CS-Cart 2.0.14 (testing)

 

Posted 18 February 2008 - 12:47 PM #11

Blah@MattCutts :P

Personally I can't see these "seals" being any more interesting to a customer who'ld rather just purchase and pay then click on seals and work out what's credible.

Point being they've already got your website. Why not just add info on how things work so that it's invoking trust instead of having a "HACKERsafe" seal
I've moved on from CS-Cart to WooC******** - If you need anything I can be of little help.

 
  • Earl
  • Member
  • Members
  • Join Date: 30-Oct 07
  • 44 posts

Posted 18 February 2008 - 05:07 PM #12

It kinda seems like BarryH’s thread is about to be hijacked, if not already :-D I think he was asking for help.
Earl
Cs-Cart 1.3.5 sp2 | Linux VPS Hosting | MySql 5.0.27 | PHP 5.2.6

 
  • BarryH
  • Senior Member
  • Members
  • Join Date: 03-Sep 07
  • 1459 posts

Posted 18 February 2008 - 07:15 PM #13

Hi Earl

Thanks for that! I was only asking about a "freebie" that came with my SSL, it seems that the Hacker Guardian is not a favourable or trustworthy scanner, I wasn't promoting or debating links or logos!!!!!!

Thanks for all the feed back though, I have a great deal of respect for most people on here and listen to what they say.

BarryH

BarryH

 

CS-Cart v4.4.3 (Plus one being developed v4.5.2 SP2)
UK User


 
  • xmivite
  • Senior Member
  • Members
  • Join Date: 25-Jul 07
  • 101 posts

Posted 19 February 2008 - 04:34 AM #14

yeah - seo could be another board or several...100

but - are these site seals worth the money../// well i think anyone can work up a fancy authentic looking graphic and even make anotehr website that validates it.. so for the part of consumer feel good... you dont need to spend the money....

I guess regarding security you can run some scans -- but i would think most decent hosts have most things in order - though there wil always be some way in -- just hope its not too easy.

And again, i dont see any sales benifit since i have put a seal way above fold on my site , I think the only reason i do it because all my main competitors have it - lol firs there was one - then i was second.. now i guess all are following like lemmings...