Exactly... and on that note: http://www.whitehouse.gov/robots.txt
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To
Some php projects had to cope with that.
I can remember phpbb : http://isc.sans.org/diary.php?date=2004-12-21
But many other projects suffered from this .
> is there enough advantage to be had by
> parsing the HTML response of a google search, that malware writers
> would bother to write that,
Seems to me that robots.txt is the first place I'd look if I was looking
to cause some trouble. :)
Jay
Ian Clelland wrote:
> I always
> assumed that all they would do is connect over port 80, and try to
> retrieve something like /admin/, or another platform-specific resource
> over http, and
On 8/18/06, Ian Clelland <[EMAIL PROTECTED]> wrote:
> I'm actually curious though -- is there enough advantage to be had by
> parsing the HTML response of a google search, that malware writers
> would bother to write that, rather than just trying IPs at random?
Yup.
The 'Santy' worm[1] (which
On 18/08/2006, at 4:39 PM, Ian Clelland wrote:
>
> On 8/17/06, Ian Holsman <[EMAIL PROTECTED]> wrote:
>> this is how various worms spread in the past. they did a google
>> search for a specific 'feature'
>> and then with a known vulnerability in hand, they would attack that
>> site, put their
On 8/17/06, Ian Holsman <[EMAIL PROTECTED]> wrote:
> this is how various worms spread in the past. they did a google
> search for a specific 'feature'
> and then with a known vulnerability in hand, they would attack that
> site, put their worm on it, and repeat.
Ian,
Do you know of worms that
On 8/17/06, Adrian Holovaty <[EMAIL PROTECTED]> wrote:
> You're right -- it doesn't really matter. This was just a small change
> to hide the pages from bots, because there's really no value in Google
> indexing the admin login screens. (Other than the coolness factor of
> being able to do one of
On 18/08/2006, at 12:56 PM, Deryck Hodge wrote:
>
>
> I know I'm missing something obvious, but why is this a problem? It's
> not like the default, well-documented admin location isn't /admin/ on
> a Django site. I not trying to be a smart aleck or critical. I'm
> really curious what I'm
On 8/17/06, Deryck Hodge <[EMAIL PROTECTED]> wrote:
> I know I'm missing something obvious, but why is this a problem? It's
> not like the default, well-documented admin location isn't /admin/ on
> a Django site. I not trying to be a smart aleck or critical. I'm
> really curious what I'm
On 8/17/06, Adrian Holovaty <[EMAIL PROTECTED]> wrote:
>
> On 8/17/06, Ian Holsman <[EMAIL PROTECTED]> wrote:
> > actually we can help there as well by putting in a
> > in the default
> > admin base_site.html file.
>
> That's a great idea -- I've taken care of that in changeset 3600.
An FYI and
On 8/17/06, Ian Holsman <[EMAIL PROTECTED]> wrote:
> actually we can help there as well by putting in a
> in the default
> admin base_site.html file.
That's a great idea -- I've taken care of that in changeset 3600.
Adrian
--
Adrian Holovaty
holovaty.com | djangoproject.com
actually we can help there as well by putting in a
in the default
admin base_site.html file.
/me goes to switch URL paths to make it a bit less obvious on his sites
On 18/08/2006, at 5:12 AM, James Bennett wrote:
>
> On 8/17/06, wiz <[EMAIL PROTECTED]> wrote:
>>
On 8/17/06, James Bennett <[EMAIL PROTECTED]> wrote:
> On 8/17/06, wiz <[EMAIL PROTECTED]> wrote:
> > http://www.google.com/search?hl=en==Django+administration+Admin+Log+in+Username+Password=Search
Incidentally, using Google's 'allintitle' keyword gives better
results:
On 8/17/06, wiz <[EMAIL PROTECTED]> wrote:
> http://www.google.com/search?hl=en==Django+administration+Admin+Log+in+Username+Password=Search
And... that just tells us that people need to have their robots.txt
disallow '/admin/' (or wherever they choose to have their admin app
live). I would
http://www.google.com/search?hl=en==Django+administration+Admin+Log+in+Username+Password=Search
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to
15 matches
Mail list logo
