We’ve all heard the stories of hack attacks, but we tend to think of them as perpetrated against large corporations and government agencies. When we consider our own websites, we might not have credit card information or sensitive data contained in the background, so we might not consider our author websites worthy of a foreign hacker’s attention. But the truth is that all across America—indeed, the world—a war is being waged on the very thing we have come to depend upon: the Internet. And to that means, some foreign governments employ hundreds if not thousands of personnel for the sole purpose of hacking into servers. Their objective might be to steal information or simply to disrupt business, or they might be planning a wide-scale attack in which all the servers they’ve managed to penetrate are brought down all at once.
So how can you tell whether someone from another country is trying to break into your website?
Take a close look at where your web traffic is originating. Logon to your CPanel and look for an icon that shows your website statistics. You should be able to view statistics over the past twelve months as well as detailed information on any previous month dating back two to three years. Below is a list of visitors to my website in November 2017. Notice the majority of hits is from an unknown location; this could be through a variety of social networking sites or from mobile web browsers. Visitors from .com, .net, .org, .edu, .gov or .info are generally signs of positive traffic. What you want to look for are hits from other countries, specifically the Russian Federation, former Eastern Bloc countries, North Korea, or other countries not friendly to the United States.
Are you or your publisher marketing in those countries? Are your books sold in those countries? It is possible to have a readership anywhere in the world; however, unless you are a worldwide sensation, it’s unlikely that people are going to a book store in Pakistan, Moscow or Kiev and finding your book on the shelves. It is also highly unlikely that they will stumble upon it on amazon or other online retailers available in their country, and even less likely that they would then attempt to visit the author’s website. Look at your royalty statements to determine where your sales are originating, and ask your publisher to break them down by country if they are not already doing so. If you are self-published, you can look at your analytics on all the platforms that sell or distribute your work. If you have consistent hits from a country such as the Ukraine but you’ve never sold a book there, it’s more likely that hackers have found your server. It doesn’t, however, necessarily mean they’ve successfully hacked into it.
Which bots are accessing your website? In the example below, a googlebot is the most common bot. This is actually a great occurrence, as it means that Google is looking through your pages in order to respond quickly to Google searches. If their bots never visit your website, it’s unlikely that your website will appear in many—if any—searches. Netcraft is also a bot you definitely want visiting your website. Netcraft is an Internet Services Company that is based in Bath, England. Their purpose is to provide cybercrime disruption services—in other words, protect servers—from hacking attempts. Possible negative activity comes from unknown bots.
How long do visitors remain on your website? True visitors will remain for a matter of minutes, depending on the amount of information contained on your site. If visitors are spending less than 30 seconds on your site, one of two things is occurring: either a computer is trying to connect to your website or website visitors are deciding against your book in a hurry. The latter can occur for any number of reasons, including a slow-loading page, obnoxious color schemes or fonts, mistaking your website for another, or sound that begins when the visitor opens a page. Be critical when you are studying your website; if you’ve determined it is well-designed and professional, visitors should be remaining longer than 30 seconds.
Where is your traffic originating? Apart from determining which countries are accessing your website, you can also view a list of websites and even specific pages that have links to your site. In the example below, notice each of the websites ends with RU (the country code for Russia) or UA (Ukraine). Is there any reason any of those sites should be linking to your website? If not, it should raise a red flag.
Are you getting spam comments? If your blog is connected to your website and you are receiving spam comments, your URL has been picked up by malicious bots. It does not mean you’ve been hacked, but it does mean the spam is likely to continue unless you limit or remove comment capability, impose restrictions or block certain regions from commenting.
What you can do to protect yourself: install software or an app that blocks the countries where your books are not sold. If you have a WordPress site, search for plug-ins such as IP Geo Block that allow you to block specific IP addresses or entire countries. I found it easier to allow only certain countries to access my websites. Below is a snapshot of the hits received on my website today, a few months after installing IP Geo Block. I chose to allow hits only from the United States, Canada and a few western European countries, and you can see from the graph below that I received no hits from Russia or Ukraine, a stark contrast from my earlier statistics. Always verify the authenticity of a plug-in or app, and keep it up to date.
Modify your access file. If you are proficient with programming code, you can modify the .htaccess file to block specific countries or to permit certain countries. For example, if your target market is confined to the United States and Canada, you can permit only those two countries to access your website. You’ll find a free code builder at https://www.countryipblocks.net/country_selection.php.
Contact your server host’s technical support team. They might be able to make the change for you, or perhaps they have software already installed in your CPanel that can be used to make the modifications you desire.
Occasionally, I have readers contact me via social media from countries I have blocked from my website. They sometimes indicate a desire to purchase my books, read an excerpt or watch the book trailer. I respond via social media with links to amazon in their country (for buying and excerpts) and YouTube for the book trailer.
If you enjoyed this article and you’d like to discuss options for protecting your website—or any other subjects regarding the author experience, please join our Facebook page at https://www.facebook.com/thenovelbusiness/.
p.m.terrell is the internationally acclaimed, award-winning author of more than 21 books in several genres. Her first book was published in 1984 and she became a full-time writer in 2002. She has mentored authors for more than 15 years and is the co-founder of The Book ‘Em Foundation and the founder of the Book ‘Em North Carolina Writers Conference and Book Fair. For more information, visit www.pmterrell.com.