If your WordPress website has ever been hacked, you know there is a lot of cleaning up to do. Many hackers use the hacked website to inject spammy urls containing pharmaceutical or other content on your website.
Spam urls you hate to see on your website.
One thing is cleaning up the hack, removing all the bad code and securing your website for future attacks. But what about the spammy urls?
I use the Redirection plugin by John Godley at urbangiraffe.com when I need to handle redirects. I have used it for years, its easy to use, stable and flexible.
The problem is when you have been hacked and have thousands of bad urls you want to redirect, it is a hassle to do manually.
So, I decided to create a solution that automatically creates a 301 redirect for 404 pages.
There are several ways this can be implemented, I created a 404.php page in my theme folder to contain this code.
This means the first time a visitor (or robot) visits the url, the 404 page is presented, as well as a 404 http status. On any future visits to that url, a 301 redirect is sent to the url of your choice.
First visit to http://domain.com/buy-pills-of-some-kind.html :
A 404 page is presented, and the code below creates a redirect that is then handled by the Redirection plugin in the future.
Second (and following) visits to http://domain.com/buy-pills-of-some-kind.html :
A 301 redirect to the url of your choice.
Only use this code if you understand what is going on. Be careful!
Enough with the disclaimer, here is the code. If you do not have a 404.php file in your WordPress theme, create it.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
$redirectto='http://cleverwp.com/'; // This is where the redirect will go, change as you see fit. global $wpdb; $newpos=''; $badurl=''; $redirtable=$wpdb->prefix."redirection_items"; // The table containing the redirects... $oldpos=$wpdb->get_var("SELECT `position` FROM `$redirtable` ORDER BY `position` DESC limit 1;"); // for finding the HIGHEST number... if (!$oldpos) $oldpos='0'; // set to 0 if its the first redirect ever done! $newpos =$oldpos+1; // Found the old one, let's add 1. $badurl= $_SERVER["REQUEST_URI"]; // This is the bad url, the current one. if (($newpos) AND ($badurl)) { // Only run if we have the bad url and the next redirect number $blogtime = strtotime(current_time('mysql')); // Get the time $mysqldate = date( 'Y-m-d H:i:s', $blogtime ); // Proper formatting of the time $result=$wpdb->query("INSERT INTO `$redirtable` (`id`, `url`, `regex`, `position`, `last_count`, `last_access`, `group_id`, `status`, `action_type`, `action_code`, `action_data`, `match_type`, `title`) VALUES (NULL, '$badurl', '0', '$newpos', '0', '$mysqldate', '1', 'enabled', 'url', '301', '$redirectto', 'url', NULL);"); } |
Important technical detail: The Redirection plugin runs and handles redirects before the 404.php template is called.
Spammy urls automatically redirected
Under normal circumstances I would have had to create redirects manually for the spammy urls above. By using this code the redirects was created automatically.
A few technical notes
Notice the last_count column? The ones that has “0″, means the redirect has been created, but no subsequent visits made to that url.
The ones with “1″ means the page has been accessed twice. The first time just creates the redirect and presents a normal 404 page. The second time the redirect kicks in, and the “last_count” is updated. All of this is handled by the Redirection plugin… Thank you John for the great plugin
Cleaning up old redirects
As you can imagine, there can quickly be a lot of redirects filling up in your database. The Redirection plugin monitors not only the number of redirects, but also when the redirect was last accessed.
This means we can create a small piece of code that checks and deletes all redirects more than x days old.
I think 21 days (3 weeks) is a fair limit. The code below checks if there are any redirects that have not been accessed/used in more than 21 days, and then just remove them.
|
1 2 3 4 5 6 7 |
$oldredirsagelimit=21; // How many days before we delete from the redirection table. $oldredirscount=$wpdb->get_var("SELECT count(*) FROM `$redirtable` WHERE DATE_SUB(CURDATE(),INTERVAL $oldredirsagelimit DAY)>last_access; "); if ($oldredirscount>0) { // old redirections, not accessed in x days $wpdb->query("DELETE FROM `$redirtable` WHERE DATE_SUB(CURDATE(),INTERVAL $oldredirsagelimit DAY)>last_access"); //echo "Deleted $oldredirscount redirects that has not been used for over $oldredirsagelimit days."; } |
I have put the code that cleans the database table in the 404.php template file as well. Both pieces of code run very quickly and puts very little pressure on the server.
The redirects are in there. You can locate the faulty redirect(s) here and remove them, restoring your website.
Enjoy.
Click here to read more.
@cleverwp
Latest posts by Lars Koudal (see all)
- Slider Shock Giveaway Winners - 28/12/2012
- GD Press Tools 4.0 PRO Review - 27/12/2012
- How to automate SEO reporting! - 26/12/2012
- Barry Hughes Interview - 26/12/2012
- Dynamic top 20 post list with GD Star Rating - 20/11/2012
The script has created 251 redirects in about 24 hours, major time-saver.
Hi Lars,
Thank you for the 404.php file, i will test it.
This 404 301 tecnique is good to remove bad backlinks too from your backlink profile, since 404 backlinks don’t have negative effect on yoursitedomain.com
Am I right?
Regards