GoFuckYourself.com - Adult Webmaster Forum - View Single Post

HairyChick · 12-06-2018, 08:50 PM

... the September listings?. I’ve got one site that isn’t a blog yet it’s listing traffic from them. The site has no content. Wordpress isn’t installed or zipped in any directory. I considered using it but switched scripts and haven’t told anyone yet.

If your blogs are there, how are they getting a list of plugins used? The themes listing is simple as most don’t remove the link or name from index.php. But plugins used is either via ftp file listings, typing in every known Wordpress-offered plugin or something insecure and open, right? I don’t recall plugins being public.

Their script scans Alexa, Google, and others for your domain and rank. There is some great information written and it’s free, but I don’t like listing publicly your plugins. I’ve used custom plugins written for me and users don’t need to know what info I’m logging from their visit.

If you hear of a backdoor in a plugin before that is made public, you can scan that sites’ monthly listing of new domains using that plugin. It seems like a key to the backdoor with full address is being given away.

Y’all might know of it but it’s the first time I’ve seen it in my logs. Without knowing how the info is gleaned, I can’t block the IP.

12-06-2018, 08:50 PM
HairyChick Slowly dying Industry Role: Join Date: Sep 2012 Location: Padanaram Posts: 3,091	Do Your Blog Stats Show Traffic From .. ... the September listings?. I’ve got one site that isn’t a blog yet it’s listing traffic from them. The site has no content. Wordpress isn’t installed or zipped in any directory. I considered using it but switched scripts and haven’t told anyone yet. If your blogs are there, how are they getting a list of plugins used? The themes listing is simple as most don’t remove the link or name from index.php. But plugins used is either via ftp file listings, typing in every known Wordpress-offered plugin or something insecure and open, right? I don’t recall plugins being public. Their script scans Alexa, Google, and others for your domain and rank. There is some great information written and it’s free, but I don’t like listing publicly your plugins. I’ve used custom plugins written for me and users don’t need to know what info I’m logging from their visit. If you hear of a backdoor in a plugin before that is made public, you can scan that sites’ monthly listing of new domains using that plugin. It seems like a key to the backdoor with full address is being given away. Y’all might know of it but it’s the first time I’ve seen it in my logs. Without knowing how the info is gleaned, I can’t block the IP. __________________ ***************************************** Anti-Semites have Small Penis Syndrome. The only known treatment is electroshock therapy combined with cerebellum removal. Fortunately, it’s a tiny procedure. *****************************************