Make .htaccess redirect spamy links that start with ? to an error page

Using wildcard redirect for all URLs that use ? is not advisable, because there are legitimate uses for URLs with ?. It would be better to target those query strings individually for redirecting.

I’m guessing you’re seeing spammy links in your Google Analytics? Redirecting them will not work. In most cases, spammers target your Google Analytics UA number not the website and they never actually visit your website.

It’s better to filter them inside Google Analytics so they don’t show up. Check out these 2 resources:

• Guide: https://www.ohow.co/ultimate-guide-to-removing-irrelevant-traffic-in-google-analytics/
• Tool: https://referrerspamblocker.com/

Hope that helps.

Ok well thank you, think I’m more confused. SiteLock insisted that they are in the code in the web site…??

Maybe I should not be using the term wildcard, that might not be correct; but maybe it still means wildcard not sure.

It would be hard to target them individually because there’s a TON of them now ?? .

They are inside my Google Search Console!!

I will check your resources out thank you!!

How do they get that code to redirect to our home page then if they are not buried within the code of the site…?? ugggg so confusing.

SiteLock insisted that they are in the code in the web site.

If this is true, it may signal that website might have been hacked. If it’s part of your code, then someone put it there.

If Sitelock is involved, they should be able to scan your website/files and tell you if there’s any malicious code present.

If possible, can you share exactly what SiteLock said – copy/pasting it. It would help provide more clarity on the issue. Make sure to remove any sensitive information if you’re pasting their response.

Also, if possible, can you show a screenshot of the Google Search Console where you see these URLs? It would help better understand the issue.

Lastly, I would check Google index to see if there are any “weird” pages indexed. When sites are hacked, they tend to host all kinds of pages they don’t even know about. Do a search: site:domain.com

Go through all search results and pages, looking for anything that shouldn’t be there… like Viagra pages, for example.

Thank you for responding!!

Ok so sorry I meant to type: SiteLock insisted that the URLs are IN the code, I kinda made that sound confusing.

Message from SiteLock last evening:

Dear xxxxxx ),
Re: Ticket# [xxxx]

Our Expert Service Team has successfully cleaned your website. Below you will find the details of the work we have completed.
We have cleaned malicious links from the database. A backup of the database is available in your site’s document root; we can restore this backup if you believe any of the removed content was actually legitimate.
We have submitted your site to google for review asking them to remove any malware warnings. Unfortunately we cannot give you an exact time frame on when this will be completed as we are dealing with third party companies.

How can this be cleaned if this stuff all still returns to the Home page???

I checked the site:domain.com and yes there are LOTS of ‘weird’ pages indexed…I need to get rid of these.

Screenshot: Sorry for some of these up front; not trying to be crude

Following examples rendered soft 404 errors:

soft 404 errors

And from Search Console Links to the site:

External links to the site

I also need some clarification: are you saying that this might just be an issue with Google Analytic s and not the site itself??

I will be posing back after calling SiteLock this morning…

I SO MUCH appreciate the help with this, seems I’m getting nowhere ??

Just spoke to SiteLock and they escalated my case and now admitted that those spamy URLS should have been found and are most likely ON the site.

And so it continues….

I’m patiently awaiting responses here too, ??

They are on the site. Carefully follow FAQ My site was hacked – WordPress Codex.

Then take a look at the recommended security measures in Hardening WordPress – WordPress Codex and Brute Force Attacks – WordPress Codex

If you can’t do the work yourself, consider looking for a reputable person on https://jobs.wordpress.net/ or https://directory.codepoet.com or https://upwork.com

(FYI, it’s not a good idea to respond to work offers from random forum users who have read about your issues.)

Thank you!

Oh and I have not nor would I respond to work offers from random forum uses; gotcha on that already ?? I have already done several of the recommendations in the Hardening WordPress and the codex, etc and also SiteLock is trying hard to help now.

Am going back a second time to verify the security measures too!

Keep pushing SiteLock to clean it all up. Since you’re paying them for the service, they should clean it all up.

Mark mentioned this article FAQ My site was hacked – WordPress Codex. At the bottom, under Other Resources, there’s a link for Sucuri sitecheck (I’m not affiliated with Sucuri): https://sitecheck.sucuri.net/scanner/

Put your domain in and scan your website. If anything comes up, send it to SiteLock support and request them to clean it up.

This is very important – SiteLock’s email mentioned Google index. Do a search in Google for: site:domain.com

This will give you a list of everything Google indexed. If there are any malicious pages that should not be there, you should go to your Google Search Console and submit those pages for removal. You don’t want them in Google. More information on removing pages from Google here.

Hope that helps.

This is great help and I will give a report on what SiteLock says in the morning!

I did the search in site:domain.com and it returned lots of spam!

You guys are the best!! I will post back asap.

THANK YOU!!!!

Ok this is kinda interesting…so SiteLock did finally find the links and clean them out!(thank gosh! They were super nice actually and very helpful, despite calling them about 5 times concerning this! ) They had missed it earlier because somehow they were scanning the wrong IP…anyway they found them! Good thing I was pro-active…

More interesting like I was hoping they helped me with the code I was searching for to add into the .htaccess and I have added it below, now all of the spamy links redirect to an error page and not our home page! Hopefully they will drop off from Google search in a week or two. I have re-tried the search for: site:domain.com and nothing creepy seems to be coming up!!

**Also this was their response about below:

Added code in .htaccess file will now return a 404 response on any URL that includes a query string with no = symbol

See code below!

###BAD QUERY STRING BLOCKER, ADDED 5/26/2016
<IfModule mod_rewrite.c>
RewriteCond %{QUERY_STRING} ^[\-/A-Z0-9]+$ [NC]
RewriteRule (.*) - [R=404]
</IfModule>
###END CODE

I’m crossing my fingers on this but so far so good!

Great news! Glad they were able to clean it up.