Malware keeps redirecting from one of my URLs

Hi all

Hoping for a little help or guidance how to stop the spam/malware running redirects from my site, in particular

I have hundreds of links similar to the below displayed in my google console, with some creating serious errors [Server Error(5xx), Redirect error]

I also added

…which redirects to bbc.

What/how can I stop this?

Some of my .htaccess rules for venue.php

RewriteCond %{SERVER_PORT} 80
RewriteRule ^/?venue/([a-zA-Z-]+)${REQUEST_URI} [L,R=301]
RewriteRule ^/?venue/([a-zA-Z0-9-]+)$ venue.php?venue_id=$1 [L]

Many thanks,

Sorry if I’ve misunderstood, but surely what you need to do is find and remove the malware?

Your right, this is not malware sorry for confusion.
I should of used spam instead of malware.

Ok, simple question.
How do I stop/prevent the urls executing from my domain?

Example using bbc url:

How do I stop them?


It looks like the easiest fix would be to remove the venue.php file.

OK, I know that isn’t an option. You have this now?

RewriteCond %{SERVER_PORT} 80
RewriteRule ^/?venue/([a-zA-Z-]+)${REQUEST_URI} [L,R=301]
RewriteRule ^/?venue/([a-zA-Z0-9-]+)$ venue.php?venue_id=$1 [L] 

Can you edit the venue.php file or must this be done with htaccess ?

Thanks @Mittineague


Though I do need venue.php which is the template for displaying each and every venue. I run some PHP and SQL which generates the data based on the venue_id

I tried adding the count so only venues inside the DB would return, though this didn’t fix the redirecting issue.


$hello = $_GET['venue_id'];

if(isset($hello)) {
  $stmt = $mysqli->prepare("
    SELECT count(1)
    , v.venue_id

I can edit any: venue.php or htaccess, or both?

I also tried changing


Which limits what parameters can be used, again this didn’t help.
Every venue is char based with - for spacing, meaning no numbers or special chars will ever be needed.

Also wondering.

As it stands, venue.php can load on its own which shows a blank template in the browser. Not good practice I don’t think. Maybe something I need to refactor or change, redirect maybe if no venue_id is present?

I have lots of indexed files:

venue.php is redundant on its own.


This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.