0

Over the last six months I have been seeing thousands of hits against non-existant, bad URLs under my company's domain (.NET CMS site running on Windows 2012 R2). For example, the correct friendly URL for a real page on our site will be "https://example.com/foldername1/foldername2". However, in analytics, I will see thousands of hits against "https://example.com/foldername1/foldername2/example.com", a malformed URL showing two top level domains.

  • Google Analytics doesn't appear to provide any info as to where these bad hits are originating from.

  • Because there is a duplicate TLD in the URL, I can't set up an alias in my CMS to catch and redirect these bad links.

  • I have tried setting up a rule in IIS8 URL rewriting to catch the bad traffic, but it doesn't seem to accept the duplicate TLDs either.

Is there any known way to catch and redirect bad traffic like this? Thank you for any advice.

Wolf Tone
  • 3
  • 1

1 Answers1

1

There's not really a duplicate TLD, because only the first occurrence is on the hostname and the second is in the path. The way the IIS rewrite rules work (cf. https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/creating-rewrite-rules-for-the-url-rewrite-module), it is fed the path part (i.e., foldername1/foldrname2/example.com) only anyway. Hence a pattern of ^(.*)/example.com$ should match what you want (and {R:1}as action).

I would first check, however, if there is any reason to believe that the requests are legitimate at all. If not, then the 404 they are (presumably) already served should be good enough (and that saves you from evaluating the pattern against all valid requests)

Hagen von Eitzen
  • 824
  • 3
  • 17
  • 43