Removing .php landing pages from Google Search Console using Yoast Robot.txt

  • Resolved szas

    (@szas)


    3 years, 3 months ago

    Hi,

    Our website was recently injected with malware which has now been removed by reinstalling WordPress. But in Google Search Console, I’m still seeing the pages/urls that were injected in the site with server error 5xx. These URLs are ending with .PHP (from wp-includes folder) files that are redirected to another site.

    I was wondering if it’s okay to add Disallow: wp-includes command in the Robots.txt file.

    Would this solve this server error for these files? I’ve also watch this video guide in which it says to add .htaccess file to wp-includes that will not allow google to crawl PHP, js, or css files within that folder.

    Video: https://www.youtube.com/watch?v=IP0yGFwoq1s

    Here’s the code that I would add in the .htaccess file:

    <FilesMatch "\.(php)$">
#deny from all
#Header set X-Robots-Tag "noindex"
Header set X-Robots-Tag "noindex"
</FilesMatch>

    This file would then be in wp-includes folder.

    • This topic was modified 3 years, 3 months ago by szas.
    • This topic was modified 3 years, 3 months ago by szas. Reason: added the code
Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @szas,

    We’re sorry to hear about the hack on your site!

    Only cleaning your site and removing all of the problem PHP files would solve the problem and prevent access. Setting the robots headers wouldn’t have any effect on redirected pages or 500 errors, unfortunately.

    Google has more details about how to use their temporary removal tool and the steps on how to remove URLs permanently in this guide: https://support.google.com/webmasters/answer/9689846.

    We suggest getting help from your hosting provider to address securing your site. We have a few other recommendations and resources here:5 things to do after a hack.

    Plugin Support devnihil

    (@devnihil)

    We are going ahead and marking this issue as resolved due to inactivity. If you require any further assistance please create a new issue.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Removing .php landing pages from Google Search Console using Yoast Robot.txt’ is closed to new replies.