- Posts: 12
COMMUNITY FORUM
K2 Users crawled by Google
- Trevor J Ellis
-
Topic Author
- Offline
- New Member
Less
More
2 years 11 months ago - 2 years 11 months ago #178724
by Trevor J Ellis
K2 Users crawled by Google was created by Trevor J Ellis
We have encountered a MAJOR security flaw where people can easily find part of the site that we want hidden. If this isn't the right forum, please let me know where to post it.We are using the K2 component extension with the Uber template. When somebody Google searches our website + SuperUser (see Img01). They are able to find a list of all the K2 items created by that user (see Img02).We DON'T want Google (or any search engine) to index these pages for any user. Can we either disable these list pages or alternatively, just stop Google from indexing them? Do we need to use a robots.txt to achieve this? Any help would be greatly appreciated!
UPDATE: We have found part of a solution here - www.joomlart.com/forums/d/35521-remove-author-meta-tag-on-k2-items/2. We disable Show Author Meta Tag in the Global Config for the Joomla site. When Google nexts recrawls the site, will it lose these pages from the indexing or do we need to request a full manual recrawl from Google webmaster?
UPDATE: We have found part of a solution here - www.joomlart.com/forums/d/35521-remove-author-meta-tag-on-k2-items/2. We disable Show Author Meta Tag in the Global Config for the Joomla site. When Google nexts recrawls the site, will it lose these pages from the indexing or do we need to request a full manual recrawl from Google webmaster?
Last edit: 2 years 11 months ago by Trevor J Ellis. Reason: UPDATE!
Please Log in or Create an account to join the conversation.
- Uzi
-
- Offline
- Premium Member
Less
More
- Posts: 140
2 years 11 months ago #178741
by Uzi
Replied by Uzi on topic K2 Users crawled by Google
This is not really a security flaw, this is just the author of the items being visible. I think you can disable the user pages altogether, but you can also do a override to remove the content of the pages.
Please Log in or Create an account to join the conversation.
- JoomlaWorks
-
- Offline
- Admin
Less
More
- Posts: 6211
2 years 11 months ago #178743
by JoomlaWorks
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
Replied by JoomlaWorks on topic K2 Users crawled by Google
Actually, this is not a security flaw at all. This is called great SEO to be exact. It's why Google's E-A-T algorithm loves K2 content.
If you want to hide the names and URLs of users, you can do so with your category view options (for the names) and a redirect or custom message on the user.php override which lists a user's (author's) items.
If you want to hide the names and URLs of users, you can do so with your category view options (for the names) and a redirect or custom message on the user.php override which lists a user's (author's) items.
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
Please Log in or Create an account to join the conversation.
- Trevor J Ellis
-
- Offline
- New Member
Less
More
- Posts: 12
2 years 11 months ago #178801
by Trevor J Ellis
Replied by Trevor J Ellis on topic K2 Users crawled by Google
Thank you very much. We've gone into the K2 Global Config settings and turned off all the user/author info so now the pages are blank. It was a security risk for us as we had some K2 items that were being password protected by another extension. However, you were able to read the content without entering a password by looking at the Super User's list of K2 items page.
Please Log in or Create an account to join the conversation.
- JoomlaWorks
-
- Offline
- Admin
Less
More
- Posts: 6211
2 years 11 months ago #178803
by JoomlaWorks
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
Replied by JoomlaWorks on topic K2 Users crawled by Google
Yeah, this is like saying Joomla has a security flaw because the admin account is auto-filed when you go into /administrator...
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
Please Log in or Create an account to join the conversation.
- Electronic Beatz Network
-
- Offline
- New Member
Less
More
- Posts: 18
2 years 1 month ago #179898
by Electronic Beatz Network
Replied by Electronic Beatz Network on topic K2 Users crawled by Google
Is it possible to deactivate all userpages and especially the links generated in the header/json?
On every page i have a simmilar entry like this:
"author": {
"@type": "Person",
"name": "Administrator",
"url": "https://URL/events/autor/NUMBER-administrator"
},
"author": {
"@type": "Person",
"name": "Administrator",
"url": "https://URL/live/autor/NUMBER-administrator"
},
"author": {
"@type": "Person",
"name": "Administrator",
"url": "https://URL/broadcast/autor/NUMBER-administrator"
},
I don't want this because every article from different categories links to another author-page with the same content.
On every page i have a simmilar entry like this:
"author": {
"@type": "Person",
"name": "Administrator",
"url": "https://URL/events/autor/NUMBER-administrator"
},
"author": {
"@type": "Person",
"name": "Administrator",
"url": "https://URL/live/autor/NUMBER-administrator"
},
"author": {
"@type": "Person",
"name": "Administrator",
"url": "https://URL/broadcast/autor/NUMBER-administrator"
},
I don't want this because every article from different categories links to another author-page with the same content.
Please Log in or Create an account to join the conversation.
- Electronic Beatz Network
-
- Offline
- New Member
Less
More
- Posts: 18
2 years 3 weeks ago #179904
by Electronic Beatz Network
Replied by Electronic Beatz Network on topic K2 Users crawled by Google
Hi. Is it possible to deactivate o rchange the generated json-code in the html-head?
We have deactivated userprofiles but they are still linked in the html-head like this
"author": {
"@type": "Person",
"name": "BCEditor",
"url": "https://URL/releases/autor/583-bceditor"
},
We have deactivated userprofiles but they are still linked in the html-head like this
"author": {
"@type": "Person",
"name": "BCEditor",
"url": "https://URL/releases/autor/583-bceditor"
},
Please Log in or Create an account to join the conversation.
- Philippe Marty
-
- Offline
- Junior Member
Less
More
- Posts: 22
2 years 3 weeks ago #179905
by Philippe Marty
Replied by Philippe Marty on topic K2 Users crawled by Google
I don't know where to ask for this...
It's impossible to create new topic on the forum there is problem with the editor!
It's impossible to create new topic on the forum there is problem with the editor!
Please Log in or Create an account to join the conversation.
- JoomlaWorks
-
- Offline
- Admin
Less
More
- Posts: 6211
2 years 3 weeks ago #179907
by JoomlaWorks
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
Replied by JoomlaWorks on topic K2 Users crawled by Google
@Philippe Marty The issue has been resolved (it was caused by a bad update of the forum software - Kunena)... You can now create a new thread.
This message will be deleted in ~24 hrs as it's offtopic to the rest of the thread.
This message will be deleted in ~24 hrs as it's offtopic to the rest of the thread.
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
Please Log in or Create an account to join the conversation.