Is there any way to prevent external sites from linking to me?
-
Is there any way to prevent external sites from linking to me? I am temporarily managing the main website for my employer. Google has recently flagged this site as "compromised" because some external (link farm?) sites are linking to non-existent query pages on our site. (Note: I am neither a developer or a webmaster, but seeing as how I am the most technologically aware person in our very-small company, I have been tasked with managing our site for now. I know just enough to get myself in trouble.) There are approximately 400 of these incoming links, all related to prescription drug purchasing (ex: mydomain.com/?query=cymbalta-overnight-delivery). These URLs do not exist in either our database or our CMS (Joomla, if it matters), and no malware has been installed on the site. I am fairly confident that the back-end has not been compromised. However, all these incoming links are causing Google to mark our site as "compromised". Also, many of our clients are US federal government agencies, some of who have let me know that they are no longer able to access our site on their network. This is decidedly Not Good. I have blocked all query URLs via robots.txt, and asked Google to remove them individually from their search results, but I'm not sure that will be enough to un-block our site for these clients. I'm also concerned that new links will keep popping up and this will be a never-ending project for me to monitor. Is there any way to prevent these external sites from linking to us at all? (I know who the culprits are.) I've done some basic Googling and haven't found much, but I'm hoping AskMe will have some suggestions. Any help is much appreciated! (Anon because, well, work-related. Also incompetence-related.) *Bonus question: any idea what the motivation behind this is, other than to give me a major headache? I can't quite figure out how this benefits these sites or draws more traffic to them, since all links are incoming and just redirect to our homepage.
-
Answer:
However, all these incoming links are causing Google to mark our site as "compromised". Do you know that is the reason, or do you assume that is the reason? If this was possible it would be extremely easy, and prevalent, for a nefarious person to essentially erase a site from Google with just a few hundred ingoing links. If that were the case we would hear about it a lot more. I suspect there is something else that is (at least) giving the impression that your site is comprimised, and that you haven't found it yet. Good luck!
anonymous at Ask.Metafilter.Com Visit the source
Other answers
Is there any way to prevent external sites from linking to me? Nope. Google has recently flagged this site as "compromised" because some external (link farm?) sites are linking to non-existent query pages on our site. Also nope. You don't get flagged because you're being linked to; you get linked to (and flagged) because you've been compromised.
toomuchpete
Don't be so sure your site hasn't been compromised just because the links appear dead when you visit them. I've seen CMS attacks that only deliver the compromised content to the Google Bot (for search ranking purposes) or check cookies so they only deliver compromised content to not logged in first time visitors. Everyone else gets a standard (fake) 404 page. The compromised content could be hidden in a randomly named base64 encoded file hidden who knows where. You can see examples of compromised sites with this google search: https://www.google.com/search?q=site:.edu+cymbalta-overnight-delivery
ChrisHartley
Is there any way to prevent these external sites from linking to us at all? Since a link is nothing more than a URL referenced in an HTML document, I don't think there's any way to prevent an external site from linking to yours. Sorry. I'd double check to make absolutely sure nothing has been uploaded to your webserver. Scan the entire filesystem for anything that looks weird. any idea what the motivation behind this is, other than to give me a major headache? I'm guessing that something out there thinks it was successful in uploading something to your webserver and it has generated the links as a way of keeping track of the compromise.
RonButNotStupid
http://php.net/manual/en/reserved.variables.server.php you can use something like $_SERVER['HTTP_REFERER'] to get the referring page (not infallible but pretty useful in practice) and also some other similar $_SERVER variables to get the REQUEST_URI and QUERY_STRING. http://stackoverflow.com/questions/165975/determining-referer-in-php Once you have detected those values match something, you can do a number of things from presenting a special page to sending HTTP error messages of various types. You can also so a lot of http://www.htaccess-guide.com/deny-visitors-by-referrer/ - http://stackoverflow.com/questions/5151385/redirect-on-the-basis-of-referer-http-referer-htaccess, http://forums.macrumors.com/archive/index.php/t-961699.html, http://altlab.com/htaccess_tutorial.html.
flug
Google is not incorrect about your site being compromised in some fashion. Involve a professional if you're not sure how to proceed with a proper investigation. If this site is customer facing in any way, or has access to customer data you should proceed with extreme caution.
odinsdream
Chiming in that your site has almost certainly been hacked, and there is a lot of information available by searching for "http://www.google.com/?q=joomla+pharma+hack" but if the advice there seems over your head, I heartily recommend biting the bullet and hiring a professional to do the cleaning, as well as doing a general security review of your site and your hosting environment.
camcgee
Joining the chorus. I recently went through a Joomla compromise that sounds a lot like this one. I took the time to read through the (base64_enocded) compromise code and it was doing as ChrisHartley suggested: checking to see if the client was a search engine bot or a logged in user before executing. If you're not a capable sysadmin, it will be be hard to do the necessary analysis and cleanup, but one thing you can and should do right now is get a Google Webmaster Tools account, claim the site so you can get reports on it, and request a malware review. When that report comes back, it will include any malicious code found on the page, which might help you narrow down where in the templates the code is being invoked. If you get that far, just keep in mind that removing or cleaning a few suspect files won't necessarily fix things for good. The first Joomla crack I ever encountered left code around that did nothing but check for previously installed malicious code and quietly wrote it back into place.
mph
Get thee to https://www.google.com/webmasters/tools/home?hl=en, register the site, then see what the Googlebot is actually viewing on your site: many injection compromises hide themselves from regular browsers. And then hire a pro to clean it up.
holgate
This happened on my Joomla site; turned out the site had been hacked (via SQL injection).
nicebookrack
Related Q & A:
- What Free Sites or really good Paid Sites Would Be Good for Advertising Holistic Pet Food On?Best solution by Yahoo! Answers
- Which r the sites that we can put our photos in the sites for other ppl to vote us?Best solution by Yahoo! Answers
- What does linking mean?Best solution by Yahoo! Answers
- Is there any way to stop/Prevent Heat Rash?Best solution by Yahoo! Answers
- Is there a way to prevent heat rash?Best solution by Yahoo! Answers
Just Added Q & A:
- How many active mobile subscribers are there in China?Best solution by Quora
- How to find the right vacation?Best solution by bookit.com
- How To Make Your Own Primer?Best solution by thekrazycouponlady.com
- How do you get the domain & range?Best solution by ChaCha
- How do you open pop up blockers?Best solution by Yahoo! Answers
For every problem there is a solution! Proved by Solucija.
-
Got an issue and looking for advice?
-
Ask Solucija to search every corner of the Web for help.
-
Get workable solutions and helpful tips in a moment.
Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.