Crawler Hints sending common exploit URLs to Bing led to site delisting

I found my site delisted by Bing after many years of being the top result for my search terms. I noticed Bing’s index of my site content contained hundreds of junk URLs that do not exist, and never have.

So what’s happening is a bad actor is running exploit scans on the domain looking for compromised directories, eg

  • /admin
  • /blogs
  • /store
  • /backup
  • /wp2
  • /cms
  • /kcfinder
  • /dev
  • /demo

None of those exist so they cause a cache miss at Cloudflare, and Crawler Hints then submits this to Bing via IndexNow. I understand the intent behind Crawler Hints but this behaviour is extremely undesirable. This image shows junk URLs added by Crawler Hints to Bing’s index.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.