As technology is getting more advanced the threat of destructive code appearing in your web applications is becoming more and more a concern for developers. The threats posed by malicious code and SQL injection in particular, and by leaving code vulnerable to such attacks must be constantly monitored. Yet, while SQL is the most common code injection attack, there are numerous others that can be just as dangerous to your applications and your data, including LDAP injection and XPath (a form of XML) injection. While these may not be as well-known to developers, they are already in the hands of hackers, and they should be of concern.

From an SEO perspective, this potential code infiltration can be disastrous to your rankings. Engines such as Yahoo who base their algorithm heavily on content can reduce the rank of a page if not complexly eliminate the page from appearing in its SERP for queries which once had page one or two ranking. The problem is often the content changes before you know it, or even worse a redirect has been added to your home page and the spiders which in some cases visit on an almost daily basis catch it and update the rankings accordingly.

There are many ways to protect against such a disaster, but it all starts with sound server security. I like to call the protection method the Holey Trinity of web security. Step one - have both a physical and software based firewall; step two – install a commercial (not free light weight) spyware / Virus detector on the server; step three – conduct daily backups of your database. Though these 3 steps will not guarantee your site’s safety they will at the very least make your site almost invisible to most hacking attempts, and significantly reduce your likelihood of an attack.