Original Post (Thread Starter)
by Morgan
In a report on my domain Google says that my domain has had spam from a third-party and that I should prevent this from happening.

Quote
Third-party spam detected on https://example.com/

Google has detected a significant portion of your site being abused with spam that violates Google's Webmaster Guidelines and adds little or no value to the web. The spammy content may appear in your forums, guestbooks, social media platforms, file uploader, free hosting services, or internal search pages.

This spammy content is possibly generated by site users or other third-parties, and it leverages your site to promote spam rather than the actual subject matter of your site.

Therefore, a manual spam action has been applied to appropriate URLs matching this pattern: example.com/forum/ubbthreads.php?ubb=changeprefs&what=style&value=4&curl=

The good news is that we generally believe your site is of sufficient quality that we didn't see a need to take manual action on the whole site. The current manual action will only affect those pages with spammy content. However, if your site has too much spammy content like this, that may affect our overall assessment of the site, result in a bad user experience, and affect your site’s reputation and ranking.

Following are some example URLs where we found pages that have been compromised. Please review them to gain a better sense of where these spammy content appears. Please note that the list is not exhaustive.

https://example.com/forum/ubbthreads.php?ubb=changeprefs&what=style&value=4&curl=https://spammyurl.tld

Quote
User-generated spam detected on https://example.com/

To: Webmaster of https://example.com/,

Google has detected user-generated content on your site that is either malicious or of no value to Google Search users. This type of content leverages your site’s reputation to promote spam rather than the actual subject matter of your site. Therefore, a manual spam action has been applied to example.com/forum/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=. This also causes your site’s URLs to appear for queries not related to your actual site content, lowering the quality of search results for Google Search users and thereby also impacting your site’s reputation and ranking. For that reason, we strongly advise you to remove the spam and file a reconsideration request. After we evaluate your site and determine that you have complied with our guidelines, we will remove this manual action.

I have tried to search but cannot find any threads with this in their links; maybe Google deleted it, I don't know.
I understand the above redirects to a third-party spam site... correct?

Any ideas on what to do?
thanks
Liked Replies
by Gizmo
Users have been crafting URLs using the curl redirect (Current URL sending traffic to the function) in UBB.threads. Nothing is exploited on the site, but it's allowing them to forward requests on a page of your site to 3rd party destinations. Until we get v8 out the door, I'm sharing the patch with everyone now. Any 3rd party URLs with the below patch will be stopped by the system from redirecting them unless the redirected URL is from a local URL (on your site).

Update: See this post for an update.
In /scripts/changeprefs.inc.php Find:
Code
		header("Location: $curl");


Replace with:
Code
	if (strpos($curl, $_SERVER['SERVER_NAME']) !== false) {
		header("Location: $curl");
	} else {
		$html->not_right($ubbt_lang['POST_PROB']);
	}


This code change exists towards the bottom of the script file, then you can attempt to redirect on your own site as:
https://example.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=https://ubbcentral.com

You can test this behavior here on UBBCentral by going to:
https://www.ubbcentral.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=https://ubbdev.com
2 members like this
by Philipp
You should add ."/" after $_SERVER['SERVER_NAME'] because it is also possible to do a redirect like this:
https://www.ubbcentral.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=//www.ubbcentral.com@ubbdev.com
2 members like this
by Gizmo
Just had the opportunity to rejigger the code again, instead of the above replacement:
In /scripts/changeprefs.inc.php Find:
Code
		header("Location: $curl");


Replace with:
Code
	if (substr($curl, 0, strlen("//". $_SERVER['SERVER_NAME'] ."/")) === "//". $_SERVER['SERVER_NAME'] ."/") {
		header("Location: $curl");
	} else {
		$html->not_right($ubbt_lang['POST_PROB']);
	}

This code change exists towards the bottom of the script file, then you can attempt to redirect on your own site as:
https://example.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=https://ubbcentral.com
-AND-
https://example.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=https://ubbdev.com/www.ubbcentral.com/
-AND-
https://example.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=//www.ubbcentral.com@ubbdev.com

You can test this behavior here on UBBCentral by going to:
https://www.ubbcentral.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=https://ubbdev.com
-AND-
https://www.ubbcentral.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=https://ubbdev.com/www.ubbcentral.com/
-AND-
https://www.ubbcentral.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=//www.ubbcentral.com@ubbdev.com

We'll need to touch base with the existing code to see what needs to be cleaned up further, but this should work to limit the URLs allowed to redirect with the changepreferences script.
1 member likes this
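An added example (not UBB.threads code and not from any poster in this thread) that runs the two checks posted above, plus a parsed-host comparison, over the thread's own test values for curl. The function names are hypothetical, $serverName stands in for $_SERVER['SERVER_NAME'], and the two same-site URLs are constructed.

```php
<?php
// Added example, not UBB.threads code. Function names are hypothetical;
// $serverName stands in for $_SERVER['SERVER_NAME'].

function check_substring(string $curl, string $serverName): bool {
    // First patch in the thread: server name anywhere in the value.
    return strpos($curl, $serverName) !== false;
}

function check_prefix(string $curl, string $serverName): bool {
    // Second patch: value must begin with "//<server name>/".
    $prefix = "//" . $serverName . "/";
    return substr($curl, 0, strlen($prefix)) === $prefix;
}

function check_parsed_host(string $curl, string $serverName): bool {
    // Assumption: refuse backslashes, whitespace and control characters
    // outright rather than guess how a client will read them.
    if (preg_match('/[\\\\\x00-\x20]/', $curl)) {
        return false;
    }
    $parts = parse_url($curl);
    if ($parts === false || !isset($parts['host'])) {
        return false; // unparseable, or no host to compare (relative path)
    }
    $scheme = strtolower($parts['scheme'] ?? 'https'); // "//host/" carries no scheme
    if (isset($parts['user']) || isset($parts['pass']) || !in_array($scheme, ['http', 'https'], true)) {
        return false; // userinfo before "@", or a non-web scheme
    }
    return strcasecmp($parts['host'], $serverName) === 0; // exact host match
}

$serverName = 'www.ubbcentral.com';
$samples = [
    '//www.ubbcentral.com/forums/',                      // constructed, same site
    'https://www.ubbcentral.com/forums/ubbthreads.php',  // constructed, same site
    'https://ubbdev.com',                                // from the thread
    'https://ubbdev.com/www.ubbcentral.com/',            // from the thread
    '//www.ubbcentral.com@ubbdev.com',                   // from the thread
];

printf("%-9s %-6s %-6s %s\n", 'substring', 'prefix', 'parsed', 'curl');
foreach ($samples as $curl) {
    printf("%-9s %-6s %-6s %s\n",
        check_substring($curl, $serverName) ? 'allow' : 'block',
        check_prefix($curl, $serverName) ? 'allow' : 'block',
        check_parsed_host($curl, $serverName) ? 'allow' : 'block',
        $curl);
}
```

All three checks block https://ubbdev.com; the substring check allows the other two thread URLs, and the prefix check also blocks the absolute same-site URL because it only accepts the //host/ form.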