Fighting spam backlinks to a CMS

I have been fighting hacking attempts and bad backlink bot nets a few times this year on different jobs. This time I have been cleaning one that effects Joomla and Wordpress. Adding links and uploading form pages to upload more code.

Author:
Category:
posts
Reading Time:
2m 12s

Not being a security expert but a web developer who has seen this plenty of times before dealing with the clean up is OK as long as you have a couple of things:

  • All the logins
  • Recent Backups
  • SSH access helps a lot
  • Log access
  • The power to change passwords
  • Following these things then often a new server to rebuild on or at least clean up on with restricted by * IP access to just you.
  • hack-green2

After the on side clean up of code hacking on pages to the site, the latest set of bots seems to pass a great number of backlinks to new targets from already hacked sites.

These are hard to get rid of from google which believes if a thousand pages link to you then that page exists. Even when that page throws a 404 error.

So I have added this to the site for some extra prevention:

In the virtual site config or the .htaccess file


RewriteCond %{HTTP_REFERER} (poker) [NC,OR]
RewriteCond %{HTTP_REFERER} (drug) [NC,OR]
RewriteCond %{HTTP_REFERER} (casino) [NC]
RewriteRule .* - [F]

RewriteCond %{REQUEST_URI} (poker) [NC,OR]
RewriteCond %{REQUEST_URI} (drug) [NC,OR]
RewriteCond %{REQUEST_URI} (casino) [NC]
RewriteRule .* - [F]

First three block links coming in from urls that are "bad" and the second from hitting the urls.

It gives a nice server 403 error:

Forbidden You don't have permission to access /drug on this server.

Lets see what this does to the 4240 pages google currently thinks exist as the 404 page on one site.

>

Have you been struggling with bad URLs, or do you know where to check?

Send me your suggestion, We can advise you on the best action.

#spam #cms #seo
Mautic Tags