Extra URLs created

  • My WordPress website was attacked by malware in 2022. Extra URLs were automatically generated leading to confusion. A few of such URL examples are given below:-

    These URLs are discovered by Google bot and reflected in my Google Search Console Results

    Later every page content turned into Japanese/Korean/Chinese script – I don’t know what it was. I deleted the whole website and reinstalled WordPress, and again created the site from scratch. I did not install any backup from previous website. However, I copy pasted the content in notepad from the previous website and kept the content that way. I even did not use the previous images from the former website.

    Now I am still getting a report that these URLs are still reflected in GSC though last crawled dates were all in 2022.

    My questions are:-

    1. Are these concerning?
    2. How to tackle such problems in future?
    3. How to check whether any Plugins is causing this?

    • This topic was modified 2 days, 4 hours ago by Yui.
    • This topic was modified 1 day, 16 hours ago by James Huff. Reason: hack URLs removed

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hello @bijnanobijnani,

    Let’s address your concerns step by step.

    1. Are These URLs Concerning?

    While the URLs you mentioned are no longer active on your site, their presence in Google Search Console (GSC) results is primarily an indexing issue rather than a current security threat. But they may still affect your site’s SEO and could lead to confusion for users.

    2. How to Handle the Old URLs in Google Search Console

    To prevent Google from continuing to index these old, invalid URLs, you can:

    • Request URL Removal: Use the “Remove URLs” tool in Google Search Console to request the removal of these specific URLs. This will temporarily hide them from search results.
    • Submit a Clean Sitemap: Make sure to submit a clean sitemap that reflects only the valid URLs on your website.
    • Add 410 (Gone) Status for the Old URLs: You can configure your server to return a 410 Gone status for these URLs, indicating to search engines that the URLs no longer exist and should be removed from the index.
    • Check for Malware or Hacked Content Warning in GSC: If Google detects any remaining signs of malware, you may still see warnings. Make sure to follow Google’s recommendations to resolve these warnings.

    3. How to Tackle These Issues in the Future?

    Fallow security best practices recommended by WordPress

    4. How to check whether any Plugins is causing this? To check if a plugin is causing issues:

    • Temporarily deactivate all plugins.
    • Reactivate them one by one, checking your site after each activation.
    • If the issue reappears, the last activated plugin is likely the culprit.
    • Always use plugins from reputable sources and keep them updated.

    Let me know if this was helpful!

    Yes, the URLs can interfere with the indexing of your site. They don’t prevent it, but they don’t do any good.

    You have 2 options to fix this:

    • You could ask Google to exclude these URLs. Google offers its own tool for this: https://support.google.com/webmasters/answer/9689846?hl=en – but this is primarily intended for other cases.
    • URLs with HTTP status 200 are currently being accessed. This means that Google sees them as normal pages. You should set up a redirect for these URLs using HTTP status 410 or 404. 410 means “gone”, 404 means “non-existent”. Google would take both into account, although I consider 410 to be cleaner in this case. You won’t be able to set up the necessary redirects in WordPress itself. You may be able to achieve this with the redirection plugin (possibly with regular expressions). Otherwise, you would have to set this up on the hosting itself.
    Moderator James Huff

    (@macmanx)

    Also, if you don’t want Google to keep trying to index those URLs, don’t paste them in a public support forums, where Google could try to index them. ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.