Vulnerability: Sites should return 404 when ?q=spam-keyword appended to URL

An interesting discussion at Webmaster World points at a vulnerability to many sites. When ?q=spam-keyword is appended to a URL, the site should return 404.

I added ?q=spam-keyword to numerous vBulletin-based web sites (with and w/out vBseo), and most of them do happily resolve the URL instead of returning a 404.

There is a two page long discussion about this vulnerability over at Webmaster World. Members there suggest various rules added to .htaccess file to address this issue, but they don't yet seem to agree on the perfect solution.

I wonder if people here at this forum could attempt to address this issue. It certainly would be appreciated by many.

Here's the link to page one of the Webmaster World thread: Spam words in a query string - do these backlinks hurt rankings?

Wow, thanks for the tip, I just tried this on my website and it would indeed resolve the URL. Anyone have more input? I'm not exactly a guru at this stuff to make any ideas of my own, lol.

Not read the thread you have linked too, yet, but I know in Google webmaster tools you can tell google to ignore certain query parameters. In fact Google actually tells you (when it gets to know your site) which parameters it takes note of, and which it ignores. Would this not solve the problem? Not to mention that if you have 'canonical' tags search engines ignore other URL variations.

Google may allow you to setup ignore perameters but other search engines may not. It is to my understanding that search engines do not use the canonical tag to ignore other URLs but rather "Help Determine" the preferred URL.