My website has been hit by a massive internal search spam attack.
Tens of thousands of spam links have been indexed by Google, and I'm trying to add Noindex and Nofollow tags to my search results page.
My search results page uses the ?s= query string.
https://example.com/?s={search_term_string}
And I tried the following code, but it doesn't work.
# Front-controller location: serve the file or directory if it exists, otherwise
# hand the request to /index.php; the inner block tries to mark search URLs
# (?s=...) as non-indexable with a response header.
# NOTE(review): add_header only takes effect in the location that finally sends
# the response. The try_files fallback to /index.php is an internal redirect, so
# the response comes from whichever location handles .php requests and the
# header set here is not expected on WordPress search pages.
# NOTE(review): the nginx "If Is Evil" guidance also lists try_files next to a
# matching "if" in the same location as unreliable - verify how /path/?s=x
# behaves before relying on this block.
# A common approach is a map on $arg_s in the http context whose result feeds an
# add_header in the PHP location; nginx does not emit an add_header whose value
# is empty, so non-search responses stay untouched.
location / {
try_files $uri $uri/ /index.php?$args;
# True when the "s" query argument is present and is neither empty nor "0".
if ($arg_s) {
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
}
}
Server block
#세오토토
# FastCGI cache storage (presumably declared in the http context): two-level
# directory layout, a 200 MB shared key zone named "example", entries unused for
# 60 minutes are evicted, and files are written directly into the cache directory.
fastcgi_cache_path /var/cache/nginx/example levels=1:2 keys_zone=example:200m inactive=60m use_temp_path=off;
# Reports the cache status of the response to the client.
# NOTE(review): add_header is inherited only by levels that declare no add_header
# of their own, so locations that add headers themselves will not send this one.
add_header Fastcgi-Cache $upstream_cache_status;
# Plain-HTTP virtual host: every request is permanently redirected to HTTPS.
server {
listen 80;
server_name example.net www.example.net;
location /{
# NOTE(review): $host is taken from the request. If this server also acts as the
# default server for port 80, unexpected Host values would be reflected into the
# Location header - confirm, or redirect to a fixed hostname.
return 301 https://$host$request_uri;
}
}
# Main HTTPS virtual host: TLS settings, FastCGI cache skip rules, deny rules for
# sensitive paths, the WordPress front controller and the PHP-FPM hand-off.
server {
listen 443 ssl http2;
server_name example.net www.example.net;
root /var/www/example;
index index.php;
ssl_certificate /etc/letsencrypt/live/example.net-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.net-0001/privkey.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
# NOTE(review): the certificate above is read from the "example.net-0001"
# directory while this chain comes from "example.net" - confirm both belong to
# the same certificate, otherwise stapling verification can fail.
ssl_trusted_certificate /etc/letsencrypt/live/example.net/fullchain.pem;
# NOTE(review): OCSP stapling needs a resolver to look up the responder host;
# with these lines disabled it depends on a resolver defined elsewhere - verify.
#resolver 8.8.8.8 8.8.4.4 valid=300s;
#resolver_timeout 5s;
# Set caches, protocols, and accepted ciphers.
# NOTE(review): the original comment here claimed this config merits an A+ SSL
# Labs score. That does not match the lines below: TLSv1 and TLSv1.1 are enabled
# (deprecated by RFC 8996, and SSL Labs caps the grade when they are offered),
# 3DES suites are allowed via DH+3DES, and no Strict-Transport-Security header is
# visible in this file.
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 4k;
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';
# Only messages of level crit and above are logged, which leaves little to work
# with when investigating abuse such as the search spam described above.
error_log /var/log/nginx/example.error.log crit;
# $skip_cache = 1 makes the PHP location below bypass and not populate the cache.
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
set $skip_reason "POST";
}
# Every request with a query string, including each ?s= search, skips the cache
# and is executed by PHP.
# NOTE(review): under a search-spam flood this means every spammed URL costs a
# PHP execution; request rate limiting (limit_req) for URLs carrying the "s"
# argument is a mitigation worth considering.
if ($query_string != "") {
set $skip_cache 1;
set $skip_reason "QUERY_STRING";
}
# Don't cache uris containing the following segments
# NOTE(review): the dots are unescaped, so they match any character; the only
# effect here is that slightly more URIs skip the cache than intended.
# $skip_reason is not set in this branch or the next one.
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
# Block dot file (.htaccess .htpasswd .svn .git .env and so on.)
# The "^~" ACME location further down is a prefix match that stops regex
# evaluation, so /.well-known/acme-challenge/ is not caught by this rule.
location ~ /\. {
deny all;
}
# Block (log file, binary, certificate, shell script, sql dump file) access.
location ~* \.(log|binary|pem|enc|crt|conf|cnf|sql|sh|key|yml|lock)$ {
deny all;
}
# Block access to project metadata, build files and stray log files by name.
location ~* (composer\.json|composer\.lock|composer\.phar|contributing\.md|license\.txt|readme\.rst|readme\.md|readme\.txt|copyright|artisan|gulpfile\.js|package\.json|phpunit\.xml|access_log|error_log|gruntfile\.js)$ {
deny all;
}
# Exact match for the XML-RPC endpoint: not logged, and "return 444" closes the
# connection without sending a response. return runs in the rewrite phase,
# before access checks, so "deny all" is effectively redundant here.
location = /xmlrpc.php {
deny all;
access_log off;
log_not_found off;
return 444;
}
# Do not log favicon requests or misses.
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Static assets: no access logging, far-future expiry. "ttf" is listed twice.
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
access_log off;
log_not_found off;
expires max;
}
# Block .php file inside upload folder. uploads(wp), files(drupal), data(gnuboard).
# Regex locations are tried in file order and the first match wins, so this
# rule must stay above the generic "\.php$" location to remain effective.
location ~* /(?:uploads|default/files|data)/.*\.php$ {
deny all;
}
# START Nginx Rewrites for Rank Math Sitemaps
rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
# Front controller: existing files and directories are served directly,
# everything else is internally redirected to /index.php with the original args.
# NOTE(review): because of that internal redirect the response for a search URL
# is produced by the "\.php$" location below, and add_header only applies in the
# location that sends the response - the X-Robots-Tag set here is not expected
# to reach the client. The nginx "If Is Evil" guidance also lists try_files next
# to a matching "if" in the same location as unreliable.
location / {
try_files $uri $uri/ /index.php?$args;
# True when the "s" query argument is present and is neither empty nor "0".
if ($arg_s) {
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
}
}
# Allow Lets Encrypt Domain Validation Program
location ^~ /.well-known/acme-challenge/ {
allow all;
}
# PHP hand-off to PHP-FPM with FastCGI caching. This location produces the
# WordPress responses, including search results, so headers meant for those
# pages have to be added here. One option is an X-Robots-Tag whose value comes
# from a map on $arg_s in the http context; nginx does not emit an add_header
# whose value is empty.
location ~ \.php$ {
# Contents of this snippet are not shown on the page.
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# Serve from upstream instead of the cache when $skip_cache is 1.
fastcgi_cache_bypass $skip_cache;
fastcgi_buffer_size 16k;
# should be enough for most PHP websites, or adjust as above
fastcgi_busy_buffers_size 24k;
# essentially, fastcgi_buffer_size + 2 small buffers of 4k
fastcgi_buffers 64 4k;
# should be enough for most PHP websites, adjust as above to get an accurate value
# Do not store the response in the cache when $skip_cache is 1.
fastcgi_no_cache $skip_cache;
# NOTE(review): no fastcgi_cache_key is visible in this file; presumably it is
# set in an included file - confirm, since the key decides which requests share
# a cached response.
fastcgi_cache example;
fastcgi_cache_valid 60m;
# Debug headers. Because this location declares its own add_header directives,
# add_header lines from outer levels are not inherited here.
# NOTE(review): $skip_reason is only assigned in the POST and QUERY_STRING
# branches above, so it is empty for other requests.
add_header WP-Bullet-Skip $skip_reason;
add_header X-FastCGI-Cache $upstream_cache_status;
}
# configuration
# Included files are not shown on the page; any add_header they set at server
# level is not inherited by locations that declare their own add_header.
include optimization/*.conf;
}
The optimization folder contains only files related to Gzip and caching.
Can someone please advise what I need to change?