Redirect Spam Query String URLs Created After Hack

0 Views

One of my sites was hacked and after that thousands of urls were showing up.

I want to edit my htaccess so that all urls that have /?x= are redirected to page without the query string.

Read More

The site is a word press site so cant redirect all urls with a query string or the site stops working properly.

Basically I need: 

www.example.com/?x=spamurl

to redirect to 

www.example.com

and any deep page that includes ?x= 

www.example.com/category/?x=spamurl

to redirect to 

www.example.com/category/

This is my current htaccess 

   # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    RewriteCond %{QUERY_STRING} x=
    RewriteRule ^$ http://www.example.com/? [R=301,L]
    </IfModule>

    # END WordPress

As you can see I have managed to get any url with ?x= after the main url to redirect to the main page but I cant figure out how to do this when ?x= shows after category pages etc..

Is there coding that can redirect ALL urls that include ?x= to a 404 page without causing an issue for wordpress files?

Many Thanks

Scott

Post Views: 0

Related posts

Leave a Reply

1 comment

  1. You need to move your redirect rules to before your wordpress rules. You also need to match any incoming URI:

    RewriteCond %{QUERY_STRING} ^(.*)(^|&)x=[^&]+(.*)$
RewriteRule ^(.*)$ /$1?%1%3 [R=301,L]

# BEGIN WordPress
etc...

    This will remove only the x=something parameter, and if you have other parameters before or after, those are preserved.