: Strange URL parameter in Google search result, looks like an advertisement I'm a total noob when it comes to being a web dev so please forgive me if the following sounds idiotic. I noticed
I'm a total noob when it comes to being a web dev so please forgive me if the following sounds idiotic.
I noticed that when you search my website one of the result's URL looks like an advertisement:
example.com/?s=earn-make-money.com%252F2011%252F09%252Fhow-to-make-money-on-ebay-with-old-magazines+Launching+an+eBay+business+is+straightforward+fun+and+can+be+done+from+the+comfort+of+your+personal+home+ways+to+make+money+with+ebay+marketing+items+
It's not listed on the sitemap and when you follow the link it takes you to our homepage. I've tried to use their removals tool but it won't remove it since it's a 'valid' page.
What could have caused this and how do I stop Google from showing it in the search results?
More posts by @Megan663
3 Comments
Sorted by latest first Latest Oldest Best
You are a victim of a hack (XSS, code injection) due to a bug, security flaw in your CMS (WordPress, Drupal, etc.)
One example of this type of attack is the "pharma hack" on WordPress, where ads about viagra were injected into WordPress pages to get them crawled on Google with incorrect keywords.
You would need to:
Fix security bugs in your webpages if they accept request parameters without sanitization, or their direct injection into page components like
meta description or any other paragraphs. The current malicious link seems to have an intent of injecting ad keywords in your page.
Return a 410 for any already crawled page (410 = permanently discontinued), so that Googlebot can remove these results from SERPs
Put a URL removal submission request in webmaster tools, that may take some while to reflect though.
how do I stop Google from showing it in the search results?
Make sure this URL (and others like it) don't return a 200 OK status.
For example, to block all URLs that contain any of the words "money", "ebay" or "marketing" in the query string part of the URL, include something like the following near the top of your root .htaccess (Apache) file:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (money|ebay|marketing) [NC]
RewriteRule ^ - [F]
To block any URLs that contain a query string:
RewriteCond %{QUERY_STRING} !^$
RewriteRule ^ - [F]
These directives return a 403 Forbidden for such requests (as instructed by the F flag on the RewriteRule).
Your site has likely been hacked and a malicious script inserted to add spam-advertising. The script may show one result to the Google bot and other results to humans. You should contact your hosting provider right away to get them to look at the site and see if they can assist in cleaning it. If not, there are security services that can do the same thing for a fee (Sucuri, Stop the Hacker, etc).
If you are running WordPress or Joomla or another common content management system, you will definitely need to get a pro involved to not only clean the infection but also harden the site against future attacks.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.