Comment by treis

5 years ago

IMHO, it sounds like it worked. The things you changed sound like they've made your site more secure. In the future, Google's hammer can be a bit more precise since you've segregated data.

And you don't know what triggered it. It's possible that one of your clients was compromised or one of their customers was trying to use the system to distribute malware.

It's only more secure from Google's blacklist hammer.

No significant security is introduced by splitting our company's properties into a myriad of separate domains.

This type of incident can be a deadly blow to a B2B SaaS company since you are essentially taking out an uptime sensitive service that a lot of times has downtime penalties written down in a contract. Whether this is downtime will depend on how exactly the availability definition is written.

  • To add to this - by splitting and moving domains you've hurt your search rank, eliminated the chance to share cookies (auth, e.g.) between these domains, and are now subject to new cross-domain security dings in other tooling. Lose-lose.

    • We're talking about user uploads into a ticket system. They should not be publicly available at all. It won't hurt search rank.

  • If you split up your user uploaded material into per client subdomains you will know which one is uploading the malicious files. And your clients can block other subdomains limiting their exposure as well. Is it a huge improvement? No, but at least it's something.

    • It's not clear from other commenters that had similar issues that GSB would not outright ban the entire domain instead of specific subdomains.

      In this case, the subdomain they banned was xxx.cloudfront.net, and we know they would not block that whole domain.

      We might consider that approach in the future, but I foresee complications in the setup.
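The per-client-subdomain idea from the thread above, sketched as an added example (this is not code from any commenter or from the product under discussion). It assumes a hypothetical tenant table, a placeholder apex `uploads.example.net` for attachment hosts, and a plain path-style object key; it shows the three things the thread claims the split buys you: a dedicated host per tenant, a reverse lookup from a flagged hostname back to the tenant that uploaded the file, and a serve-time check that an attachment is never handed out from another tenant's host. The download headers are an extra hardening step commonly used for user-supplied files, not something the thread itself prescribes.

```python
import re
from typing import Dict, Optional

# Constructed sample tenant table (hypothetical ids and slugs).
TENANTS: Dict[str, str] = {
    "t-1001": "acme",
    "t-1002": "globex",
}

# Placeholder apex domain; in practice this is a domain dedicated to
# user-uploaded content, separate from the application's own origin.
UPLOAD_BASE_DOMAIN = "uploads.example.net"


def upload_host(tenant_id: str) -> str:
    """Return the dedicated hostname used to serve one tenant's attachments."""
    slug = TENANTS[tenant_id]
    # The slug becomes a DNS label, so restrict it to a safe character set.
    if not re.fullmatch(r"[a-z0-9-]{1,63}", slug):
        raise ValueError("tenant slug is not a valid DNS label")
    return f"{slug}.{UPLOAD_BASE_DOMAIN}"


def attachment_url(tenant_id: str, object_key: str) -> str:
    """Build the URL a ticket attachment is served from for a given tenant."""
    return f"https://{upload_host(tenant_id)}/{object_key}"


def tenant_for_host(host: str) -> Optional[str]:
    """Reverse lookup: which tenant owns a hostname that a blocklist flagged?"""
    suffix = "." + UPLOAD_BASE_DOMAIN
    if not host.endswith(suffix):
        return None
    slug = host[: -len(suffix)]
    for tenant_id, tenant_slug in TENANTS.items():
        if tenant_slug == slug:
            return tenant_id
    return None


def may_serve(request_host: str, owner_tenant_id: str) -> bool:
    """Refuse to serve an attachment from any host other than its owner's.

    This is what keeps one tenant's files from ever appearing under another
    tenant's subdomain, so a block on one host does not touch the others.
    """
    return request_host == upload_host(owner_tenant_id)


def download_headers(filename: str) -> Dict[str, str]:
    """Headers for serving an upload as an inert download rather than a page."""
    safe_name = re.sub(r"[^\w.-]", "_", filename)
    return {
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


if __name__ == "__main__":
    url = attachment_url("t-1002", "tickets/42/report.pdf")
    print(url)
    # Simulate an incident report naming a host: map it back to the tenant.
    print(tenant_for_host("globex.uploads.example.net"))
    print(may_serve("acme.uploads.example.net", "t-1002"))
```

With this layout a blocklist entry names a single tenant's host, the lookup tells you which client's uploads to inspect, and the remaining tenants' hosts stay untouched; the serve-time check is what makes that isolation hold rather than being a naming convention only.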