Link to home
Start Free TrialLog in
Avatar of Gale W
Gale WFlag for United States of America

asked on

GA says Homepage has many unexplained homepage extensions that begin with /?kw=.....

Found 50+ instances of this when reviewing Google Analytics/All Traffic/Channels report.   They all are list as separate landing pages for my site.  One is  /?kw=casa, another is  /?kw=sweepstakes.  All lead to my site homepage if you click on them in the GA pages or if typed into address bar. Overall Site traffic is way off as well.  These individual /?kw= pages normally only show 1 or so hits in the last month.  Are these harmful, or should is just filter them from my report view?
Thanks, Gale W.
Avatar of Jason C. Levine
Jason C. Levine
Flag of United States of America image

Check your site immediately for altered/introduced files and code.  Those inbounds look like triggers to me that could set off bad behaviors.
Are these expected and intended to be part of your web site?  What functionality is assigned to the kw request variable?
Avatar of Gale W

ASKER

Thank you both,
These were not set up by us, no idea where they originated.  Odd they do all take you to our homepage, so it's not like they are stealing traffic and redirecting it.  I'll have to dig to learn how to look for altered or added files.  Guessing they would be added to the homepage as that is where they take you?
Well, the home page is the starting point for it.  If you're really lucky, they merely altered the home page code and that's fairly easy to spot.  Usually this stuff is done by altering a called file from the home page so you have a lot of work to do.

And Ray's right...it may not be malicious and something the previous developers did.  So you should expand the search to look for any function in your code that processes the GET variable and does something with it. Since kw could mean "keyword" hopefully this is some SEO grey-hat thing.

But there's more options than just stealing/redirecting traffic.  Your site could be used as an attack vector against other sites or the invocation of the kw code...
SOLUTION
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Gale W

ASKER

Would using Chrome's "view source code" function be sufficient to see what I'm looking for?  
Still getting used to Wordpress editor, which seems to let you see all the site pages code
when editing EXCEPT the home page. GW
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Gale W

ASKER

Thanks again to you both.  Like many things, everyone says how easy Wordpress and Webdesign are--until there's problem.  Good to know smart & generous folks are out there when you need them.