Strange Records on Redirect Topic is solved

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Post Reply
christoforosKor
Joomla! Intern
Joomla! Intern
Posts: 61
Joined: Mon Aug 27, 2012 2:22 pm

Strange Records on Redirect

Post by christoforosKor » Wed Jul 17, 2019 2:23 am

Hello,
In Componetns/Redirect I see some records like

Code: Select all

http://businessnews.gr/el/epixeiriseis/a;a.parentnode.insertbefore(y,a)})(window,document,
I check the source of the referencing page but I don't see any url like this.
Is this something I should worry?
Should I enable, diasable, remove this url from redirects?

User avatar
pe7er
Joomla! Master
Joomla! Master
Posts: 22235
Joined: Thu Aug 18, 2005 8:55 pm
Location: Nijmegen, The Netherlands
Contact:

Re: Strange Records on Redirect

Post by pe7er » Wed Jul 17, 2019 7:19 am

Don't worry. If you put something like /i-try-to-hack?this&website behind your domain name, it will appear in the Redirects manager.

What you see is the attempts of bots (programmed scripts) visiting your website and can try to "fingerprint" it (recognize the CMS). And/or bots trying known backdoor / vulnerabilities. The URLs in your Redirects Manager don't exist.

I would sort the Redirects on the 'hits' to see the URLs that have the most errors.
If it's genuine traffic for old (moved or deleted) content, then I would redirect them to the right places.
And URLs like /wp-login.php I would redirect to http://127.0.0.1 :-)
Kind Regards,
Peter Martin, Global Moderator
https://db8.nl - Joomla specialist, Nijmegen, Nederland
Co-developer of d2 Content https://data2site.com/joomla-extensions/d2-content

User avatar
Per Yngve Berg
Joomla! Master
Joomla! Master
Posts: 25963
Joined: Mon Oct 27, 2008 9:27 pm
Location: Akershus, Norway

Re: Strange Records on Redirect

Post by Per Yngve Berg » Wed Jul 17, 2019 7:25 am

Turn off the Plugin that collects the URLs.

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 7740
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: Strange Records on Redirect

Post by sozzled » Wed Jul 17, 2019 7:51 am

I agree with @pe7er. Although it's true that if you disable "the plugin" will "remove" these "URLs" from the component, maybe you don't want to do that? Unless you actually use the component or some other means to redirect these attempts to snoop around your website, nothing is going to stop these attempts.

See also viewtopic.php?f=714&t=958501 for a much larger discussion about the issue.
https://www.kuneze.com/blog
I need your help to help reduce spam at the Joomla forum. You can help with your ideas, questions and opinions at viewtopic.php?f=7&t=974006. Together we can make a difference :)

Toobaali
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Jul 17, 2019 7:56 am

Re: Strange Records on Redirect

Post by Toobaali » Wed Jul 17, 2019 7:59 am

Basically, http://oldsubdomain.example.com is being redirected to http://example.com. Moreover, Google doesn't allow me to remove it (through Search Console) from their search database specifically because of this redirection.

User avatar
paulala
Joomla! Explorer
Joomla! Explorer
Posts: 301
Joined: Sat Oct 30, 2010 12:32 pm
Location: Scotland
Contact:

Re: Strange Records on Redirect

Post by paulala » Wed Jul 17, 2019 8:07 am

sozzled wrote:
Wed Jul 17, 2019 7:51 am
See also viewtopic.php?f=714&t=958501 for a much larger discussion about the issue.
Interesting read...
Warm Regards,
Paula Livingstone, Skydiving Instructor and Network Security Consultant
https://paulalivingstone.com
http://rustyice.co.uk


Post Reply

Return to “Security in Joomla! 3.x”