[wp-hackers] Google Code Search vs WordPress
dabbaking at gmail.com
Fri Oct 6 01:36:09 GMT 2006
It looks like it's not parsing the file on the server. It looks like a lot
of people left the zip or tarball on the server with the config file in it.
It's parsing the archive with the file in it.
On 10/5/06, Ryan Duff <ryan at ryanduff.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Bas Bosman wrote:
> > Hi All,
> > I just saw this come by on IRC:
> > Although people leaving their backups on their server isn't really
> > WordPress' fault, I think we can expect to hear more from this.
> > Kind regards,
> > Bas Bosman (Nazgul)
> Google's Spider will only find things that are linked to (thus, the name
> spider). So, unless you're making a public repository of your database
> backups and creating a link to that folder from your website you should
> be safe.
> I can't speak for how its set up now, but I would imagine it would put
> them in some directory outside of your web root or one where the
> directory listing is denied to a browser via .htaccess. The latter is
> most likely the case.
> - --
> Ryan Duff
> AIM: ryancduff
> irc.freenode.net #wordpress #plogger
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (Darwin)
> -----END PGP SIGNATURE-----
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers