[wp-hackers] Google Code Search vs WordPress

Ryan Duff ryan at ryanduff.net
Thu Oct 5 23:16:10 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bas Bosman wrote:
> Hi All,
> 
> I just saw this come by on IRC:
> http://www.litwc.com/2006/10/05/google-presents-code-search-and-its-threat-to-wordpress-security/
> 
> Although people leaving their backups on their server isn't really
> WordPress' fault, I think we can expect to hear more from this.
> 
> Kind regards,
> Bas Bosman (Nazgul)
> 


Google's Spider will only find things that are linked to (thus, the name
spider). So, unless you're making a public repository of your database
backups and creating a link to that folder from your website you should
be safe.

I can't speak for how its set up now, but I would imagine it would put
them in some directory outside of your web root or one where the
directory listing is denied to a browser via .htaccess. The latter is
most likely the case.

- --
Ryan Duff
http://ryanduff.net
AIM: ryancduff
irc.freenode.net #wordpress #plogger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFFJZI6GRpzWYYIHQ4RApIYAJwMe/7kGK8pQg/oMObm3NdJ77xE4ACgl6QQ
Axk0+INzYqbaLcGrk/UxhDk=
=xHeh
-----END PGP SIGNATURE-----


More information about the wp-hackers mailing list