: GWT "Big traffic change for top URL" I recently received an email from GWT saying that one of my URL's traffic has suddenly dropped. As it turned out the traffic to the whole site has drastically
I recently received an email from GWT saying that one of my URL's traffic has suddenly dropped. As it turned out the traffic to the whole site has drastically dropped, from some 300+ unique visitors to less than 10 a day.
After doing some investigation, it turns out that sometimes when you load the website, the source shows only the following:
<html><body><script>document.cookie='sssssss=81b58aaasssssss_81b58aaa; path=/';window.location.href=parseURL(window.location.href);</script></body></html>
The cookie is different, for example on one of my computers it said something along the lines of zzzzzzz=something (can't remember the value) and on a proxy it showed the above value. If the cookie isn't set, it just won't load the website.
Now this obviously means that my website is somehow infected some sort of malware, however, Google doesn't return any search results. Does anyone recognise this malware or can offer some advise on how to find out what the problem is?
Note: the website is a custom written website and although I tried to make it as secure as possible, it obviously seems I might have missed something. Technology used is PHP5 and MySQL.
The URL is: ps3theme.net/
Thanks
EDIT: This only seems to happen the first time round. I did a mass search on the website and nothing was found. If you view the source before you load the website, it comes up, but once that piece of code has been executed, it doesn't come up anymore for a while.
More posts by @Angela700
2 Comments
Sorted by latest first Latest Oldest Best
I can confirm that there is some malware or misconfiguration interfering with your site. I'm using the command line client called curl. When I make a request with curl, I get something like this:
$ curl -D - ps3theme.net/ -s
HTTP/1.0 200 OK
Expires: Sat, 6 May 1995 12:00:00 GMT
P3P: CP=NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 144
Connection: Close
<html><body><script>document.cookie='rrrrrrr=a9bdb593rrrrrrr_a9bdb593; path=/';window.location.href=window.location.href;</script></body></html>
But one time I got this:
$ curl -D - ps3theme.net/ -s
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Jan 2013 19:42:15 GMT
Server: Apache
Location: www.ps3theme.net/406.shtml Content-Length: 241
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.ps3theme.net/406.shtml">here</a>.</p>
</body></html>
There is no way that googlebot is going to be able to crawl your site when your server is responding like this.
Edit: I finally found the answer at this thread: productforums.google.com/forum/#!msg/webmasters/CCHRHVV_3fA/B_HQdIlzXkkJ
Your website is hosted at HOSTABLE.COM and they are the ones that are doing this to your site. It appears that you have to switch to a new host for this issue to go away.
I've just taken a look at your site and the page seems to be rending my end without any obvious problems and naughty malwares. I've checked your source which looks clean, but you might be experiencing a HTACCESS injection which redirects people or least trys too. Take a look in the htaccess file.
Furthermore...
In your robots.txt you have
User-agent: *
Disallow:
Disallow: /ajax.php #Sitemap : www.yoursite.com/sitemap.xml
While the tag Disallow: with shouldn't block the bots it's something that isn't required and you should remove that line all together as well as the commented sitemap bit too from the robots.txt like so this becomes your new robots.
User-agent: *
Disallow: /ajax.php
Check your .htaccess file and let us know what you discover, is the site working for you? or is it just want webmaster tools is reporting?
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.