[Plugin: WP-PageNavi] Page navigation links calling a search query?

To be more precise

User-agent: Googlebot
Disallow: *com_product*

I’ll wait for Donncha’s reply on the subject before doing that. Maybe there’s a quick fix —?I hope so, at least.

Supercache doesn’t cache queries with GET parameters. Where are your visitors finding those links?

Wooa, same second! LOL.

Donncha, it’s the page navigation links, you can find them on the bottom of my homepage:

https://macmagazine.com.br/

So when someone clicks on /page/10/ they get /page/10/?option=com…. but the url is “/page/10/”? Check the supercache directory – wp-content/cache/supercache/macmagazine.com.br/page/10/ etc and verify if the correct page has been cached.

There’s nothing inside the /wp-content/cache/supercache/macmagazine.com.br/page/ directory. o.0

I just requested page 7 and the headers showed it was served by PHP and was a supercache file:

WP-Super-Cache: Served supercache file from PHP

The search results might be cached by Supercache but something else is generating that content. Supercache is only caching what your site has produced.

I’m not an expert in this, but I believe you’re not getting the point. I’ve just access my site via Safari (in which I’m not logged in and I can browse with cache enabled) and saw the problem again. The page navigation links in the home page are now bundled with a search query for “Light Peak”.

I browsed to the /wp-content/cache/supercache/macmagazine.com.br/page/ folder again and there are now 3 sub-folders inside it: /2/, /3/ and /4/. That’s it.

I browsed through those pages in my site and they were all cached correctly. The page navigation links in them are ok. The problem resides in the homepage.

There’s some kind of conflict going on in the way the HOMEPAGE generates those page navigation links. Whenever you get to page 2, 3, 4 and so on, it looks ok to me.

@donncha Yes @rafael is right. Its either the issue of WP Super Cache or its the new code of Google Analytics. Removing either of them solves the issue. Different websites are using this hole in PageNavigation plugin for spamming purpose.

So spammers take advantage of a problem in another plugin to create a cached page with incorrect or spammy content? I’m not sure how Supercache could stop that happening.

If the problem stops when either of those plugins is removed then it’s likely a problem in that Google Analytics plugin. You’d probably have the same thing happen no matter what page caching plugin was used.

I personally don’t use any Google Analytics plugin. The code was added to my template manually, copying and pasting from what Google tells us to do.

So, as I said, I simply can’t get rid of it. Analytics is my main statistics’ system for my website.

@donncha: Yeah, you will find some websites with PageNavi links like this:

https://www.example.com/page/10/?option=com_product&controller=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwww.spamsite.com..%2F..%2F

2ndly, yes its the issue with Google Analytics. But one thing is 100% confirmed, when we are logged in, there is no such links because we are not served the cached pages. Whenever we log out of WP admin account, we are served with cache and we get the issue. 2ndly, i never checked if its the issue with PRE-LOADING feature of WP-Super cache or not. If we do not pre-load the cache, the problem may not occur.

I don’t think you’ll find those links on preloaded pages as they’re generated by the server itself. I suspect spammers are injecting those links in somehow, knowing they’ll be cached. There’s not much Supercache can do.

So there’s really no solution to this problem? ??

So I could be off, as I’m no security expert, but with the research I conducted I found some references that shed some light on the above referenced link that scribu commented was malware.

Basically it’s a php injection that exploits the view page php. The hackers are using Local File Inclusion vulnerabilities and
injection malicious code in proc/self/environ. It goes after the view page php and perhaps that’s why Pagenavi is affected.

Now perhaps your issue Rafael is different since I haven’t seen the code that is appended after your domain on the bottom navigation bar. But for me, I do believe that was the issue.

When this went down, I decided to move to a new host that was far superior in security (previously I was on shared hosting) along with installing the most popular WP security plugins (BulletProof Security, Secure WordPress, etc), downloaded a fresh install of WP and increased my password strength. Basically tried to make the best of the situation by upgrading the virtual walls around my domain. So far the issue has not returned. I 301’d all offending nav links that showed up in Google webmaster tools and will continue to monitor the situation.

So if your bottom nav links have something like this in them “option=com_product&controller=” then perhaps you have issues with malicious php injections.

Here’s a few links I found, or you can type in ‘php injection wordpress’ into Google.

https://www.webdeveloper.com/forum/showthread.php?t=232277

This explains how a forced php injection is done:
https://foro.undersecurity.net/read.php?15,3768