We are using Joomla for a public site and we are getting a ton of soft 404 errors that all look similar to
/?option=com_k2&view=itemlist&task=user&id=xxx
where xxx = some numeric id. Obviously this is some soft of spamming but how do I turn it off in Joomla/K2?
I'm not particularly Joomla oriented but this seems a task I should be able to accomplish if I can get an idea of "where" to fix the code. The page shows a warning instead of an error
Warning
JUser: :_load: Unable to load user with ID: 35414
so it seems the "page" is actually there but with no content. I'm guessing some internal handler is spitting this dynamic content out but I want to return 404 in this case. Any ideas would be appreciated.
I'm trying to understand the nature of your problem. What do you mean with "Soft 404" errors? Do you have 404 errors or not?
On my K2 websites, I have sometimes "visitors" who try to find holes in K2. I then have many, many accesses of the same page. These visitors try to post comments or somethings else on the articles or user profiles.
Is this a similar thing that is happening on your site?
Is there a (Joomla) user on your site with ID 35414? If not, you can be pretty sure that someone is trying to hack your site.
Is the URL always requested by the same user? You can find this in the log files of the Apache server. In such cases I add a "deny from" statement to my .htaccess file.
In case you seriously expect a K2 related issue, I would recommend to post the issue in the K2 forum. This forum is quite knowledgeable and JoomlaWorks makes a serious effort to bring good K2 customer support.
Related
Our website has a an article which is only available to registered users and is in the Category "Private" which runs a php script to display (low grade) personal information
The URL displayed when logging in and following the menus looks like this https://example.org/index.php/listsecretpage
Somehow a search engine found and indexed this page and then it could be viewed without being logged in using the URL like this https://example.org/index.php/2-features/445-secretpage
I assume that 2-features means this pages is the category called "features". Given my page is now in "Private" could this be a caching issue from before the category of this page changed nearly a year ago?
So some questions:
Perhaps most important - why did Joomla serve a page which was marked as Registered access only to non-registered users (esp. search engines)?
How can I stop Joomla serving (selective) pages which based on category as in index.php/2-features/dont_show_this_page ?
I could not see anything in the Maintenance: Clear Cache which related to my page - in fact very few seemed cached. Can one inspect the Joomla cache to clear selective pages or see which pages are cached?
Thanks
I try to answer to your questions.
I don't believe that the issue is related to Joomla cache.
I believe that your menu is set as private but your article is set as public. Could you please check this one?
There are many ways to stop serving private pages. For example, you can set a RewriteRule in the .htacces using the cookie which Joomla set when an user does the login. Neverthless, this ways aren't sure at 100%. Moreover, it is better to solve the problem at its source (see my answer above).
I hope I was of any help.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I want to know the advantage of 404 Not Found page. Why should one create a design for that ? Why not just set 404 header and redirect it to the home page with a message something like "What do you want of the URL? Please just walk into the website".
I figured many websites have a special page for the purpose. But why ?
Regards
404 Not Found
The 404 (Not Found) status code indicates that the origin server did not find a current representation for the target resource or is not willing to disclose that one exists. A 404 status code does not indicate whether this lack of representation is temporary or permanent; the 410 (Gone) status code is preferred over 404 if the origin server knows, presumably through some configurable means, that the condition is likely to be permanent.
Hypertext Transfer Protocol (HTTP/1.1), section 6.5.4
404 pages let users know that the page does not exist.
Many people will change the URL manually (for example, /pictures/page/1 to /pictures/page/2). If you redirect the user to the front page it will be confusing to them. What they expected to happen (either go to page 2 or get a "Page not found" error) will not happen; finding themselves on the front page is not useful.
The more important thing, however, is that users should ideally never see 404 pages. When they actually do see one, it should be very clear that the page does not exist. Redirecting them does not tell them that the page does not exist; it tells them that... it is the front page, which it should not be. It is confusing.
Another issue is that search engines may find it odd that a lot of your pages get redirected to your front page. It is not exactly how the internet is supposed to work, so they may actually penalize your website because of it.
If you want your users to have a good experience on your website then your 404 pages should attempt to help them find whatever they were looking for. Some things you can show the user are:
A search box. Google has custom search boxes you can put on your website, which only search your site. If making your own is too complicated then this is a good solution.
If you are able to do something like this, then showing the user content that may be similar to what they are looking for can be useful. Just make sure that it works reasonably well. For example if you cannot find anything similar then don't show random stuff -- it is not helpful.
The newest content on the page. This is especially useful if it is a blog, news site, or some other kind of website that frequently gets new content.
The most popular content. If the user is just browsing to pass the time then popular content may allow them to continue browsing without leaving your website.
A link to or showing a sitemap may also be useful if the website is small enough to summarise on one page.
...and so on. Just try to think of what would be helpful to the user.
A good custom 404 page will help people find the information they're looking for, as well as providing other helpful content and encouraging them to explore your site further.
Moreover if you do not make your own custom page, the server's 404 error will be displayed which would not go by the design of your website. There are also negative elements which would try to access the unauthorized pages, and keeping a check of the same will give a sense of secured website.
What if you go in a departmental store and looking for a soap which
actually is out of stock, but the store keeper just make you to start
again from the section. Isin't the message not available is a
better option? The same goes here
The idea of a 404 page is to tell the user that the file they were looking for wasn't found, or that the link they clicked on was broken.
Say you're running a news site and a user clicks on a link to an article on your site, but the article has been deleted. A 404 page makes it very clear to the user that the article is gone. If you just redirect them to your homepage, they might think a featured article on your page is the one they were linked to, or that they got redirected for no reason. They won't have any reason to think that what they were looking for no longer exists on your server.
So the purpose of a 404 page is to say "Hey, what you were looking for isn't here." If you want to get more fancy, you can even use a 410 error instead, which means "Hey, what you were looking for used to be here, but it's gone now."
EDIT: SOLVED
For anyone else who may come across this issue in the future, I'm afraid the best way to do this is to setup some 302 soft re-directs. I personally preferred to use a plugin for this.
The plugin was called "404 redirected" and does the job thus far. It's not the best solution in the world but it's the easiest to implement (should you ever have a client that requires this).
I have a unique problem here. I have a client who is dead set and persisent on having SOME of her pages end in .php. However, she doesn't want all of them to end in .php. She has her reasons I guess and she's not going to budge on it.
I've tried to install a plugin called Page Extension and it worked.. somewhat. Half the time the pages saved as .php would load and half the time they wouldn't.
Does anyone have any ideas on how to accomplish this? I'm stumped.
I've found plugins that'll apparently rename the entire website to .php but she doesn't want that.
Can this even be done with a Wordpress site?
Also, I installed a plugin called NextGen Gallery to get a quick gallery up and running and it broke a lot of crap. My error_log it spammed with messages like this after installing that plugin:
"WordPress database error Table 'xxxxxxx_xxxx.wp_posts' doesn't exist for query SELECT * FROM wp_posts where post_name='php-test' made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), do_action('template_redirect'), call_user_func_array, wp_fake_url->check_url"
Edit: The reason she wants these .php extensions so bad is because she's running a diving company/dive shop and I guess a bunch of travel agencies have all of these links from their original site. They get around 200-300 visitors a day to some of these pages already.
Is there any way to setup some kind of re-direct so when people try to visit blah/blah.php they'll be re-directed to blah/blah?
If there's absolutely no way to only make SOME pages .php or re-direct something like that, I guess I'll have to tell her but I'll probably lose that client.
EDIT: SOLVED
For anyone else who may come across this issue in the future, I'm afraid the best way to do this is to setup some 302 soft re-directs. I personally preferred to use a plugin for this.
The plugin was called "404 redirected" and does the job thus far. It's not the best solution in the world but it's the easiest to implement (should you ever have a client that requires this).
You can use the plugin to setup whatever kind of re-direct you want.
You'll find the re-direct panel in Settings>404 Redirected
Simply add your subdomain with the following extension that you want to add and people who visit that will be redirected to the regular URL
what.php will be re-directed to what/
I recently made some major changes to an ecommerce website that include url structure. The url to view a product is modified by .htaccess and contains a short product description that if changed will not affect the results on the page.
example: www.Example.com/staticFolder/non-deterministic-product-details/MODEL#.html
Now in the error log file I am seeing bingbot requesting pages like example.com/non-deterministic-product-details
Our sitemaps don't link to this page and I am not able to find any bad links on pages. Has anyone else had problems with bingbot doing this? I found another question that was locked for being random. Bingbot causing 404 errors. Is it more likely that I am doing something wrong? Should I avoid using psuedo directories in my .htaccess?
-Thanks
There's nothing requiring that spiders stick only to link-crawling. It's entirely possible it's guessing URLs which are similar to known ones in the hope that it'll find something.
At any rate, I wouldn't worry about it unless you know it's following a bad link. It's quite normal to get lots of requests for non-existent pages.
I have a url structure that looks something like some_page.php?id=123 and I get the id for that page and that is good.
But sometimes users either edit the url, or one way or another there is no id.
What do people usually do in that case? Should I just redirect the person to a 404 page? Or should I return 404 from that page in case they want to correct the url? Or is 404 the right thing to do in that case?
Also, how do I tell where this user came from?
Thanks!!
404, and don't redirect. Show them a nice error page but always give them at least the chance to correct the URL.
Also, make sure to actually send the header('HTTP/1.1 404 Not Found');
The symfony framework provides some built-in methods for dealing with the exact scenario you are describing. So issuing a 404 is a good strategy. Another idea is to offer a suggestive search if the asset cannot be found. For example, instead of just rendering a 404, you could actually do something like:
Sorry we could not find the asset you were looking for, below are some suggestions to better guide your search:
Books (12)
CDs (13)
DVDs (37)
This way you increase the users time on site, which should translate to more advertising dollars.