Dealing with Malicious Inbound Links

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Dealing with Malicious Inbound Links

Optimus

10:52 am on Jul 10, 2009 (gmt 0)

Webmaster Tools is showing almost 40 000 inbound links to my site, from web sites that have been hacked/compromised. These hackers used anchor text for various pharma products and added on a query string to a dynamic page on my site.

I need google (and other search engines) to remove their recognition of these Inbounds.

My site is hosted on a MS Server platform. An example of one of these inbound links from a hacked site looks like this:

<a href="http://www.example.com/vacationDetails.asp?vacationid=983134885&atTop=1">valium online</a>

< example.com is my site >

I am reluctant to disallow these URL's in the robots.txt file, as this would be tantamount to admitting that they even existed. I don't want to create a 301.

Any advice on how to deal with this type of malicious external link would be greatly valued.

[edited by: Robert_Charlton at 5:40 pm (utc) on July 10, 2009]
[edit reason] changed to example.com - it can never be owned [/edit]

Robert Charlton

7:17 pm on Jul 10, 2009 (gmt 0)

Optimus - Take a look at this discussion for some background on your question....

Can Others Hurt Your Rankings - Part zillion...
[webmasterworld.com...]

If you have WMT, it might be prudent to file a reconsideration request to advise Google that you have nothing to do with these links.

tigertom

7:33 pm on Jul 10, 2009 (gmt 0)

How about using .htaccess or the targetted script itself to return a 410 or 404 error for any such requests?

That way, the the SE's see that the links are dud and penalise the linking sites, instead of yours.

jdMorgan

7:53 pm on Jul 10, 2009 (gmt 0)

In fact, best practice indicates that your script should already return a 301 or 404 for any query that does not correspond exactly to a valid entry in your database. If you fail to do this, then anybody can point any bogus link at your site for any reason (as these leeches have done here).

It's not clear from your post, though, whether there is anything actually wrong with that requested URL. If not, then all you can do is deny access by referrer and make sure that your site doesn't contain any instance of any of their targeted keywords.

Jim

leadegroot

11:47 am on Jul 11, 2009 (gmt 0)

... and - are you 100% sure you haven't been hacked and Google is actually getting content on these pages? The types of content you don't want anywhere near your site. Don't forget to look for cloaking! Google's cache is the simplest place to check.

Optimus

8:15 am on Jul 13, 2009 (gmt 0)

Thanks for replies, Robert and others. Our site was actually hacked in March. After weeks of failed intrusion attempts, hackers eventually found a vulnerability in one area of our database and posted hidden pharma links. Since we were already aware that intruders were mounting an onslaught on the site, we were able to quickly remove their cr*p and secure the database vulnerability they had exploited (within 8 hours).

When I noticed this multitude of inbound links from hacked sites in WMT five days ago, I immediately filed a reconsideration request, explaining that I had nothing to do with this. No reponse as yet and the links are still logged in my WMT.

Although the query strings the hackers used was returning a message that the requested URL was invalid, I have since altered this to return a proper 404, so there can be no ambiguity to confuse googlebot.

Thanks again for the advise...