Is this the new way of spam? How can i protect my website?
Recently with the Google webmaster tools, i discovered the following (not found) Crawl errors
http://mydomain.com/warning_this_is_english_domain_to_solve_this_problem_submit_site_in_atoall.com.html
After Googling i found that this one might be a new way of spam.
But wait a second, from programmer's prespecive, what is going on with my website? Is there something am i doing wrong? Is there any security hole i currently do not see?
UPDATE: References
http://blog.colnect.com/2009/12/ne开发者_高级运维w-spam-technique-warningthisisenglish.html
http://blog.colnect.com/2009/12/save-us-from-index-spamming.html
The problem is that these people wrote a custom 404 handler that looks nice to humans, but it also allows hackers to trick bots. This is a vulnerability that is being actively exploited to spread spam.
If you search for the text, a ton of these spammer links pop up: http://www.google.com/search?q=warning+this+is+english+domain+to+save+this+problem&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
The 2nd link for me is this: http://www.acronymfinder.com/warning_this_is_english_domain_to_solve_this_problem_submit_site_in_atoall.com.html
If you go to the page you'll see the text: "No matches for warning-this-is-english-domain-to-solve-this-problem-submit-site-in-atoall.com"
To protect your self try the same hack on your system. Try putting: http://www.whatever.com/some-bs-text.html
If you can see some-bs-text in your web browser, then someone oculd trick Google into seeing arbitrary text on your page. Its better to just tell people that the page cannot be found.
I think this just means that someone (or more likely something) requested that file from your server. Your server replied with a 404 error, (or possibly a 200) but the error showed up in your log. This does not indicate any security vulnerability and there is no need for you to take an action.
精彩评论