[quote name=‘adodric’]If your admin page has no links to it then it is almost 100% certain that it will not be indexed. However, lets put that debate aside and continue with the topic. Do not put your admin.php (whatever the name is) in your robot.txt file. There is a better way for that page I believe:
Add a meta tag to that page only, the meta tag is:
If the content is currently in our index, we will remove it after the next time we crawl it. To expedite removal, use the URL removal request tool in Google Webmaster Tools.[/quote]
[quote name=‘adodric’]If your admin page has no links to it then it is almost 100% certain that it will not be indexed. However, lets put that debate aside and continue with the topic. Do not put your admin.php (whatever the name is) in your robot.txt file. There is a better way for that page I believe:
Add a meta tag to that page only, the meta tag is:
[quote name=‘adodric’]If your admin page has no links to it then it is almost 100% certain that it will not be indexed. However, lets put that debate aside and continue with the topic. Do not put your admin.php (whatever the name is) in your robot.txt file. There is a better way for that page I believe:
Add a meta tag to that page only, the meta tag is:
This is very true. Overall the argument is dumb anyways. No one hacks a site because of whats in a robots.txt file. A site gets hacked because of vulnerabilities to code or the overall platform it rests on. So even if they get to the admin.php if the code is solid and passwords are secure, there should be no problems. At least we’ve established multiple ways to secure it and it is up to each site’s owner on how they wish to manage…
[quote name=‘Ion_Cannon’]I don’t really understand what you are talking about… are you saying if the page isn’t in the robots.txt file it won’t be published to Google??[/quote]
Yep, No URLs in, then google cant see it. It’s not a foolproof method if you publish your URL over the internet however you are got going to have much luck finding myadministration110.php in any of my URLs etc.
[quote name=‘Ion_Cannon’]This is very true. Overall the argument is dumb anyways. No one hacks a site because of whats in a robots.txt file. A site gets hacked because of vulnerabilities to code or the overall platform it rests on. [/quote]
Not true, I look for admin.php everyday since it’s the easiest way to exploit the website. In fact give me access to any CS-Cart based website and I’ll have the Database, Database Password and Login information published within 5 minutes. It’s quite simple and easy to do (in case anyone is wondering I dont’ use the file uploader ;)) [Only if I have an administration login working :P]
So yes, The website is attacked because it’s vulnerable, but refer back to: if the website has admin access urls published (in the first place) then hacks like this are somewhat useless:
http://www.milw0rm.com/exploits/6352
Not true, I look for admin.php everyday since it’s the easiest way to exploit the website. In fact give me access to any CS-Cart based website and I’ll have the Database, Database Password and Login information published within 5 minutes. It’s quite simple and easy to do (in case anyone is wondering I dont’ use the file uploader ;)) [Only if I have an administration login working :P[/QUOTE]
Maybe limited to CS-Cart but pro hackers will not attack a site through an admin login panel. Leaves too many traces, they will exploit flaws in apache, the Operating system or other less known vulnerabilities. Script kiddies go after the admin pages…
[quote name=‘Ion_Cannon’]Maybe limited to CS-Cart but pro hackers will not attack a site through an admin login panel. Leaves too many traces, they will exploit flaws in apache, the Operating system or other less known vulnerabilities. Script kiddies go after the admin pages…[/quote]
I’m protecting against the kiddy scripts which seem to cause the most amount of news-worthy bulletins (a joke) whereas we can’t necessarily protect against the elder hackers without a system administrator on board who typically does these things for us anyway
Congratulation!