homepage Welcome to WebmasterWorld Guest from 54.242.140.11
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google SEO News and Discussion
Forum Library, Charter, Moderators: Robert Charlton & aakk9999 & brotherhood of lan & goodroi

Google SEO News and Discussion Forum

    
How to Handle Google Authorization Errors for Wordpress
alika

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4567552 posted 2:16 pm on Apr 24, 2013 (gmt 0)

I posted in the Global Wordpress Hack Underway [webmasterworld.com...] my problem of the sudden increase in authorization permission errors being reported in GWT.

The errors were of this form:

wp-login.php?redirect_to=http%3A%2F%2Fwww.DOMAIN.com%2FCATEGORY%2FPOSTNAME

The errors started a week after I introduced a password protection for extra layer of security for the site

I have removed the password protection in htaccess and deleted .htpasswd which I thought triggered the authorization permission errors. What that did was to halt the rise of the authorization permission errors. However, the errors simply remained constant - it did not increase but it also did not decrease. And yes, I keep getting messages in GWT about the authorization permission errors

Where else should I look at?

My robots.txt file currently has

User-agent: *
Disallow: /wp-admin/
Disallow: /wp-includes/
Disallow: /wp-content/plugins/

Should I add

Disallow: /wp-

to prevent Googlebot from accessing wp-login.php?

Note that:

- Wordpress has been installed since Jan 2012, and I've never had any authorization permission errors.
- WP-login.php is not linked anywhere on the site

This started April 1, and traffic has started to fall last week. Any direction you can point me to will be greatly appreciated.

 

tedster

WebmasterWorld Senior Member tedster us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4567552 posted 1:53 am on Apr 25, 2013 (gmt 0)

No, I wouldn't just Disallow /wp- Although that would probably fix your immediate issue, it might disallow other files that you don't want to block, because it's a bit too open-ended for my taste and that could lead to unintended issues in the future.

Since you want to block crawling of /wp-login.php, why not Disallow exactly that?

alika

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4567552 posted 12:00 pm on Apr 26, 2013 (gmt 0)

Thanks Tedster. We're seeing some very little progress even with the

Disallow /wp-

From 687 errors at its peak, we're down to 683 then 681. It seems like a slow climb down. But I'm hoping that the downward trend continues, albeit slow

Funny thing is even with Disallow: /wp-content/plugins/ , GWT includes URLs like this as one of the authorization permission errors:

wp-content/plugins/si-captcha-for-wordpress/si-captcha-admin.php

Given the constant attacks we've had since last year, we moved to a new webhost this year and are making sure that the server this time is properly configured and hardened. Once the migration is done this week, I'll revisit the robots.txt file again and simply do /wp-login.php disallow

alika

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4567552 posted 10:07 am on Jul 9, 2013 (gmt 0)

I ended up doing a

Disallow: /wp-login.php

Google finally recognized that on 7/6 and access denied errors dropped. It took a while before GWT showed the drop in access denied, from the time it first started on 4/10.

Now the wait when the traffic I lost coinciding with the rise of access denied errors will come back up

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Google / Google SEO News and Discussion
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved