When I first get to the office, I've already read my emails from the previous night and know who is having any problems, which sites were attacked, and any issues reported by Google Webmaster Tools, MX Toolbox and Ahrefs ranking alerts. Many don't know it, but just about every website gets a hack attempt 100 times a day; it takes a real webmaster to install the monitoring software and firewalls to stop them from getting in.
Why are sites being hacked all day anyway? Spam and identity theft, usually. You see, they setup bots to ping websites all day long with an admin user and random passwords, 50 times a minute. Sometimes this can actually take down a server out of nowhere, overloading memory and causing a Denial of Server (DOS) error. That's how we first discovered attempted hacks - our server performance was inconsistent, even though we have one of the most powerful Dedicated Servers out there.
Next, if they get in they setup a file (usually a virus) that emulates a store selling clothing, shoes or pharmaceuticals. If they happen to get a sucker to buy from it, the order is not fulfilled, they just steal your credit card info and steal everything they can. Sometimes it's just to mess with your site, but the more malicious ones can do more damage by ruining your reputation, Google rank and even get your site suspended by your hosting company. We found this out the hard way last year when a few of our clients got hacked this way, but luckily we were able to to detect it immediately with our monitoring tools and fix them before any real damage was done.
So, back to my day. First thing we do is update our main firewall, blocking any IP addresses that attacked any of our websites, even on different servers. Once the firewall is updated, I then check our MX Toolbox to make sure none of my clients got blacklisted for sending out spam emails, even if it's not on purpose. I once had a client get reported for spam because he sent an email to someone under a different email address, and their own customer reported them for spam! It took days to get them off MX Toolbox, but I must say, they are very good over there. I highly recommend getting an account if you don't already have one.
Next, we run checks on any websites that did receive an attack, and make sure nothing got through. While we're at it, we make sure all the plugins and extensions are current, and update any that need it. This can take anywhere from a few minutes to a couple of hours for all the sites we maintain.
By now most of the morning is gone, and I'm on my third cup of Earl Grey. Time to get to work on whatever projects we have going on, building, editing and finding new work. We all try to eat somewhere in there, while fielding phone calls, emails and text from clients asking for changes or general tech support.
Around 4:00pm, it's time to review SEO for all our sites, check traffic stats and Ahrefs.com for ranking. Our SEO crew makes changes to our client's websites most of the time with no fanfare, tweaking keywords or making changes to keep up with Google's changing algorithm that now happens almost daily. This can take up their entire day, which is why it's a separate department now.
With the day winding down by 5:30pm, we start cleaning up sites we're building, backing up both the under construction sites and live ones, and getting ready to start the process over tomorrow. So the next time you think your webmaster is just sitting back watching cartoons, think again; most of us are on that wall, protecting your business from attackers, squeezing every ounce of SEO out of your site and trying to do it all with a small monthly budget that we sometimes feel we are constantly defending. What's your experience? Tell us below.