Forum Moderators: Robert Charlton & goodroi

URL redirect hijacked?

         

Tom44

11:11 am on May 12, 2017 (gmt 0)

5+ Year Member



Hi all,

We have a URL redirect on our site that works like this:

domain.com/goto?url=www.example.com

Any link shared on our community site is put through this redirect so that we can affiliate it if possible (similar to how the system works on WebmasterWorld).

I've noticed our redirect seems to have been repurposed for nefarious means. If you have a look at this page:

<snip>

You'll see in the source that they've hijacked loads of different websites that also provide a URL redirect.

I've not come across this before and didn't quite know what to search for to see if it's a common problem. I was hoping you guys might be able to help shed some light on:

- How negative an impact does it have on our domain?
- How could we go about preventing it?

Any help or input greatly appreciated.

Thanks,

Tom

[edited by: goodroi at 12:43 pm (utc) on May 12, 2017]
[edit reason] Let's not link to spammy sites :) [/edit]

phranque

11:55 am on May 12, 2017 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



welcome to WebmasterWorld, Tom! [webmasterworld.com]

How could we go about preventing it?

your goto script should only redirect to a whitelisted set of urls or domains and give a proper error response otherwise. (perhaps a 403 or 404 status code)
you could also check the Referer header and give the same response for non-blank referrers that aren't from your site or a site you want to support.
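
One way to implement the two checks suggested in the reply above, as an added example that is not part of the original thread: the redirect decision for `/goto?url=...` with an exact-match host allowlist and a Referer filter. The host names in `SITE_HOSTS` and `ALLOWED_TARGETS`, the function names, the choice of 403 over 404 and the default to `https://` for scheme-less links are all assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed values: the site's own hosts and the hosts it agrees to redirect to.
SITE_HOSTS = {"domain.com", "www.domain.com"}
ALLOWED_TARGETS = {"example.com", "www.example.com"}


def normalize_target(raw):
    """Return (host, absolute_url) for a well-formed http(s) target, else None."""
    if not raw or any(c in raw for c in "\\\r\n\t "):
        return None  # backslashes and whitespace are parsed differently by browsers
    # Links in the thread carry no scheme (goto?url=www.example.com): assume https.
    candidate = raw if "://" in raw else "https://" + raw.lstrip("/")
    try:
        parts = urlsplit(candidate)
        parts.port  # accessing .port raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https"):
        return None
    if parts.username is not None or parts.password is not None:
        return None  # "allowed-host@other-host" puts the real host after the "@"
    host = (parts.hostname or "").rstrip(".").lower()
    return (host, candidate) if host else None


def referer_ok(referer):
    """Blank referrers pass; non-blank ones must come from our own site."""
    if not referer:
        return True
    try:
        host = (urlsplit(referer).hostname or "").lower()
    except ValueError:
        return False
    return host in SITE_HOSTS


def goto(url_param, referer=None):
    """Decide the response for /goto?url=...: (302, location) or (403, None)."""
    target = normalize_target(url_param)
    if target is None or not referer_ok(referer):
        return 403, None
    host, location = target
    if host not in ALLOWED_TARGETS:  # exact match, not a substring or suffix test
        return 403, None
    return 302, location
```

The Referer header is set by the client, so that check only filters casual abuse from third-party pages; the allowlist is what stops the redirect from pointing at arbitrary destinations.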