Forum Moderators: phranque
This is my first time asking for help on here I've always used the search to find answers but I cant find exactly what I am looking for on this occasion, let me explain my problem;
A while ago my server was compromised, hijacked I think you would call it, basically php files and a htaccess file where put into writable directories within my gallery script. What this has done is basically create fake URL's/files which the search engines have listed for example these bad files have somehow given the impression that there is cracks and otehr bad things inside the directories these files where added to like mysite.com/gallery/album/bad-file-crack.shtml of course these files(the cracks and shtml files) dont exist on my server and never have but when a search engine user clicks on this link they are redirected to some russian search engine(doorway page i believe its called).
In order to try and get these fake URL's removed from search engines I blocked all albums/ directories in robots.txt and blocked robots crawling all shtml files, this hasnt removed all the fake URLs from search engines though as I am still getting refferers from these bad links and in webmaster tools it is listing over 1000 urls as being blocked by robots.txt which might not be good and it has stopped google images from lisitng the images contained within the gallery directories for which i used to get a lot of google traffic with.
So can I use htaccess to redirect all of the requests for shtml files to say a '410 gone' so that the search engines know that these dont exist, is that the best way to do it? and how would i accomplish this?
One other problem regarding these bad files, there is hundreds of them, usually 3 php files and one htaccess in the album directories, I have started removing them but to do it manually will take ages even with a filter in my FTP program to only show the php and htacces files, is there any way of mass deleting file using a rule, like all php and .htaccess files within mysite.com/gallery/albums/directories I have a dedicated server with shell access I am also willing to buy software for this purpose if anyone can reccomemend anything it would abe appreciated.
thankyou for your help.
RewriteRule ^gallery/albums/[^.]+\.(php¦shtml)$ - [G]
For mass deleting of files, use the "rm" shell command from Putty or SSH, e.g. rm "*.php"
For mass-deleting of entire directories, you can use the server shell command recursion option, "rm -r var/www/html/gallery/albums/", for example. Look at the manpage for "rm" for details.
Get all of these files off your server immediately, or shut down access to those directories in the meantime. As long as it is *your* site redirecting to malicious pages, it is likely *your* legal responsibility.
To make the directories inaccessible:
RewriteRule ^gallery/albums/ - [F]
Jim
if i use the command rm "*.php" will that delete all php files in my site? how can I define to delete php files and htaccess files only within directories within albums/? Im not to confident using SSH and i dont want to accidentlaly delete my entire sites php files.
Thanks again
Look at the manpage for "rm" for details.
Thankyou very much for your help it is much appreciated.
