Msg#: 3949934 posted 10:52 am on Jul 10, 2009 (gmt 0)
Webmaster Tools is showing almost 40 000 inbound links to my site, from web sites that have been hacked/compromised. These hackers used anchor text for various pharma products and added on a query string to a dynamic page on my site.
I need google (and other search engines) to remove their recognition of these Inbounds.
My site is hosted on a MS Server platform. An example of one of these inbound links from a hacked site looks like this:
In fact, best practice indicates that your script should already return a 301 or 404 for any query that does not correspond exactly to a valid entry in your database. If you fail to do this, then anybody can point any bogus link at your site for any reason (as these leeches have done here).
It's not clear from your post, though, whether there is anything actually wrong with that requested URL. If not, then all you can do is deny access by referrer and make sure that your site doesn't contain any instance of any of their targeted keywords.
Msg#: 3949934 posted 11:47 am on Jul 11, 2009 (gmt 0)
... and - are you 100% sure you haven't been hacked and Google is actually getting content on these pages? The types of content you don't want anywhere near your site. Don't forget to look for cloaking! Google's cache is the simplest place to check.
Msg#: 3949934 posted 8:15 am on Jul 13, 2009 (gmt 0)
Thanks for replies, Robert and others. Our site was actually hacked in March. After weeks of failed intrusion attempts, hackers eventually found a vulnerability in one area of our database and posted hidden pharma links. Since we were already aware that intruders were mounting an onslaught on the site, we were able to quickly remove their cr*p and secure the database vulnerability they had exploited (within 8 hours).
When I noticed this multitude of inbound links from hacked sites in WMT five days ago, I immediately filed a reconsideration request, explaining that I had nothing to do with this. No reponse as yet and the links are still logged in my WMT.
Although the query strings the hackers used was returning a message that the requested URL was invalid, I have since altered this to return a proper 404, so there can be no ambiguity to confuse googlebot.