From the minute that a vulnerability is posted on a security advisory site the hackers can quickly modify the list of keyword searches in their code and fire up an entire botnet to locate and infiltrate all of the easily identifiable sites in the search engines within hours.

People running sites that need updates should at least have a fighting chance to get the update from the developer, assuming the developer has even patched the code yet, which typically isn’t the case at the time of the initial security alert.

If you use free, or very cheap code to setup your site, don’t expect it to be the same quality as more expensive software from well established and reputable companies. If you don’t have the time and know-how to look for weaknesses and tweak the configuration, pay someone who does have that skill to do it for you. That way you have someone to blame when something goes wrong.

Blaming Google for your site getting hacked is like blaming auto-makers when you crash your car while driving drunk.

if anyone can download the code to the server, they could just as well do the search on their own copy of the code. sure, using a search engine makes it easier to locate bad code if that happens to be the same in different codebases, but blocking such searches does not stop anyone, it only slows them down. at the same time developers who want to search for such issues to fix them are also blocked from such searches, and thus you’d be blocking the good and the bad.

blocking such searches is nothing more than security by obscurity which has been denounced as a bad idea often enough.

anyone concerned about people reading their code should not publish the code in the first place.

greetings, eMBee.

They may be top for search (and slowly taking over the www) but that could change very quickly if they ignore the growing number of victims that are getting their sites harmed courtesy of Google.