Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Google shows same content as dupes on several CPanel subdomains

         

austtr

2:54 am on Dec 8, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



A hacked site hosted with CPanel showed (in Sophos) three different URL variants of the same hacked page(s), namely:

www.domain.com.au
ftp.domain.com.au
mail.domain.com.au

The hack was repaired months ago along with all the latest security and the site has been unblocked since then. According to the hosting support team, the ftp.domain.com.au and mail.domain.com.au can be ignored as they only relate to CPanel functions and do not “spill over” into the public area that Google indexes. (or words to that effect)

However, the reality is that the Google serps show ftp.domain.com.au and not www.domain.com.au for several of the pages that were hacked… same page, same content, same functionality, but not the public_html URL

The site: function with Google confirms that the three URL variants are showing in the index. A check of the sitemap.xml confirms that only the www URL’s are listed for indexing.

Can anyone shed light on what might be happening and how to get the variant URLs out of the index… and if Google is showing multiple URL’s for the same content, is there a possible duplicate content thing happening here?

robzilla

12:05 pm on Dec 8, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



In a domain's DNS settings, subdomains like ftp, mail and * (wildcard, the worst) are often just CNAME records pointing to the same A record as www, i.e. the same IP address. As a result, if the web server is not set up properly, it can serve the same website (from the same public_html folder) on all of those subdomains. If your website should only reside on www.domain.com.au, you'll want to configure your web server so that it responds only to requests to www.domain.com.au (and probably domain.com.au as well) and/or redirect all other requests to the canonical domain (www.domain.com.au). Otherwise, anyone can point a domain at your server's IP address and your server will respond with your site.

Alternatively, you could simply remove the ftp and mail subdomain records, because if they point to the same IP address as www then you don't actually need them. But it's generally good to have a redirect to the canonical domain in place, so I would prioritize that.