Results 1 to 3 of 3
  1. #1
    Join Date
    Aug 2009
    Location
    North Idaho, USA
    Posts
    2,008
    Plugin Contributions
    1

    Default Google trying to index SecretAdminFolder

    I was wondering how the 'Secret Admin Folder' got out in the wild so easily even when I call myself exercising extreme caution.

    Google is trying to index/follow the link to the admin login. Google appears to be harvesting the link from a Chrome Bookmark.

    What I did to prove it to myself, changed the link in the Chrome Bookmark a couple of times.
    • The bookmark originally saved had a zenID. I changed a few characters in the zenID in the saved bookmark.
    • A few days later, the server logs showed the IP address of a GoogleBot testing the link.
    • Changed the link in the bookmark again, this time, removing the zenID altogether.
    • A few days later, the server logs showed the IP address of a GoogleBot testing the link without a zenID.


    Since the admin folder is password protected and requires login before even getting to the ZenCart login screen, it is not a huge deal in this case.
    Rick
    RixStix (dot) com
    aka: ChainWeavers (dot) com

  2. #2
    Join Date
    Jan 2007
    Location
    Australia
    Posts
    6,167
    Plugin Contributions
    7

    Default Re: Google trying to index SecretAdminFolder

    There are many ways that the name of the secretadmin folder can leak, and the Chrome browser being the biggest risk.

    For whats its worth though, securtity by obscurity, which is what this is, tends to be worse than no security at all because it lulls people into a false sense of security. This was lesson#1 in my studies in network security well over a decade ago, and to be perfectly blunt, I have hated the zencart team from the day they made the suggestion to rename the admin folder, and despised them when they decided it was a good idea to force the name change upon us.

    Just my 2cents.

  3. #3
    Join Date
    Mar 2009
    Posts
    169
    Plugin Contributions
    2

    Default Re: Google trying to index SecretAdminFolder

    Is it possible that a third-party Chrome extension is crawling your bookmarks - possibly adding them to some sort of indexing system and publishing them online - after which Google crawls the third-party index and then retrieves these links?

    I can't believe Google Chrome would index bookmarks.

 

 

Similar Threads

  1. Trying to add custom HTML content to the index page only.
    By inthecomputer in forum Templates, Stylesheets, Page Layout
    Replies: 6
    Last Post: 23 Jun 2008, 11:04 PM
  2. I am trying to get 2 columns of categories on the index page.
    By member in forum Templates, Stylesheets, Page Layout
    Replies: 9
    Last Post: 12 Jul 2007, 12:31 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR