fourwhitesocks on "Make .htaccess redirect spamy links that start with ? to an error page"

SiteLock insisted that they are in the code in the web site.

If this is true, it may signal that website might have been . If it's part of your code, then someone put it there.

If Sitelock is involved, they should be able to scan your website/files and tell you if there's any malicious code present.

If possible, can you share exactly what SiteLock said - copy/pasting it. It would help provide more clarity on the issue. Make sure to remove any sensitive information if you're pasting their response.

Also, if possible, can you show a screenshot of the Google Search Console where you see these URLs? It would help better understand the issue.

Lastly, I would check Google index to see if there are any "weird" pages indexed. When sites are , they tend to host all kinds of pages they don't even know about. Do a search: site:domain.com

Go through all search results and pages, looking for anything that shouldn't be there... like Viagra pages, for example.