Outbound link check
Broken outbound links hurt UX and SEO. Malicious outbound links can get your domain flagged. SeoFreshUp scans every <a href> pointing to a different domain and gives you a verdict per URL.
What gets checked
For each unique outbound URL, the scan runs:
| Check | Source | What it detects |
|---|---|---|
| HTTP status | HEAD request, follow redirects (max 3) | 404, 5xx, timeouts, dead domains, redirect loops |
| Safe Browsing | Google Safe Browsing API (free key) | Phishing, malware, social engineering, unwanted software |
| VirusTotal | VirusTotal API (free key) | Cross-checked against 70+ AV engines |
| URLhaus | abuse.ch (free, no key needed for basic) | Malware distribution networks |
| Sucuri SiteCheck | Sucuri public endpoint (free, no key) | Blacklists across Google, Norton, McAfee, Yandex, ESET |
| PhishTank | PhishTank API (free key) | Verified phishing URLs |
| Affiliate detection | Domain pattern matching | Amazon, Awin, ClickBank, Skimlinks, etc. |
Run the scan
Toolbar at the top of the 🔗 Sortants tab:
- ☑ HTTP — fast, ~1 sec/URL
- ☑ Menaces — slow, ~3-8 sec/host (rate-limited by APIs)
- Click 🔍 Tout rescanner
For a blog with 500-1000 unique outbound URLs, expect 5-30 minutes for a full scan with all sources enabled. Results are cached 7 days — re-running won’t re-check URLs already verified recently.
Severity levels
- 🚨 Critique — 404, dead domain, malware, phishing, blacklisted
- ⚠ Warning — 3xx redirects (suspicious), slow responses, HTTPS→HTTP downgrade
- ℹ Info — affiliate links flagged for visibility (not a problem, just a marker)
- ✓ OK — 200 response, no threats detected
Per-URL actions
Each row has:
- 🔄 Re-test — bypass cache, re-check this URL now
- 🚩 Faux positif — mark as false positive (URL is excluded from critique/warning filters; still scanned but ignored if same status)
- 🗑 Retirer le lien — opens the article, removes the
<a>tag entirely - 📰 Articles (badge with count) — list of articles where this URL is referenced; click to expand
False positive handling
Some legitimate sites block our HEAD requests (typical with Cloudflare’s anti-bot, or sites that require a real User-Agent string). The plugin sets a realistic User-Agent and follows redirects, but ~5 % of legitimate URLs still flag as warning/critical.
For these, click 🚩 Faux positif and they’re ignored in your filters. The plugin remembers your decision until you click 🚩 Annuler le faux positif later.
API keys (optional)
Without API keys, the scan still runs HTTP + Sucuri + URLhaus checks (which are public). Adding API keys unlocks:
- Google Safe Browsing: better malware coverage. Free key at console.cloud.google.com/apis/library/safebrowsing.googleapis.com, 10k req/day free
- VirusTotal: cross-check across 70+ engines. Free key at virustotal.com/gui/sign-in, 4 req/min free
- PhishTank: verified phishing list. Free key at phishtank.com
- URLhaus auth key: higher rate limits, free at auth.abuse.ch
Configure them in Settings → Threats.
Bulk operations
Select multiple URLs, then bulk action:
- 🚩 Mark all as false positive
- 🚩 Unmark
- 🗑 Forget (remove from cache)