Removing Software "Footprints"

How paranoid are you?

         

rogerd

4:27 pm on Dec 22, 2004 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



I've always been an advocate of removing the most obvious signs that you are using particular software to drive your site. My own paranoia goes back to the days of search engine penalties (or algo adjustments) for particular software, and has been reinforced by hackers targeting specific software vulnerabilities. Now we see automated searches being used by worms [webmasterworld.com] to identify targets for infection.

I'm curious as to how other WebmasterWorld members are dealing with this issue, if at all.

Some of the most obvious steps:
1) Remove "powered by" and similar text.
2) Remove on-page "copyright" text or convert to image.
3) Change default installation directory and file names to foil both searches and brute-force attacks.
4) Remove/change other giveaways (ancient SEOs remember the infamous "blueline.gif" that undid many thousands of pages), i.e., anything that a hacker or other problem user could plug into a search engine to easily find sites using particular software.

What less obvious things have you done? And how do you deal with the software provider's need to display copyright or other legal notices (if they don't offer a paid option for this)?

treeline

5:12 pm on Dec 22, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



  • make directories non-readable

  • traps for bots seeking problematic files

  • move password files outside the directory tree

  • change the directory and name of admin files

coopster

    6:39 pm on Dec 22, 2004 (gmt 0)

    WebmasterWorld Administrator 10+ Year Member



    Extension-less pages (Content Negotiation)

    jatar_k

    6:48 pm on Dec 22, 2004 (gmt 0)

    WebmasterWorld Administrator 10+ Year Member



    all the no footprint scripts I write have similar attributes

    they are all powered by config scripts that store all paths, directories, files. The scripts don't care what you name any of the files or directories and don't care where you put them or any of the other scripts they use.

    there are no set tags/text in any of the distributed code

    they allow you to configure output so there are no common attributes to the html either, unless you make them that way ;)

    more web software programmers should spend time with SEOs

    moltar

    11:16 pm on Dec 22, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member



    What's the blueline.gif story? I have never heard of that.

    bill

    7:00 am on Dec 23, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



    > What's the blueline.gif story?

    <short version> WebPosition Gold (WPG), an early SEO software package for the masses, used to put that GIF file in pages it generated. The SEs got wise and penalized sites using it.

    keyplyr

    9:09 am on Dec 23, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month




    > 2) Remove on-page "copyright" text or convert to image

    Why would you want to do this?

    coopster

    3:13 pm on Dec 23, 2004 (gmt 0)

    WebmasterWorld Administrator 10+ Year Member



    So the text cannot be scanned by automated worms looking for particular software packages with known vulnerabilities (see link in first message).

    keyplyr

    7:15 pm on Dec 23, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



    OK - I guess my question is, how would the word "copyright" indicate that the webpage has/is using a particular software? I would imagine that billions of webpages display that text.

    treeline

    7:31 pm on Dec 23, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member



    If it said copyright phpbb it would be very useful for finding copies of phpbb. If you happened to be a worm looking for phpbb.

    Farix

    12:39 am on Dec 24, 2004 (gmt 0)

    10+ Year Member



    The problem of removing "powered by phpBB" is that you will not get any support if you ever run into a problem.

    keyplyr

    1:13 am on Dec 24, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



    > If it said copyright phpbb it would be very useful for finding copies of phpbb

    I can appreciate that, but my original reply was to the statement made by rogerd:

    > Remove on-page "copyright" text or convert to image

    ...which I am still stumped about the warning to remove the word "copyright" from webpages.

    jcoronella

    2:13 am on Dec 24, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member



    > The problem of removing "powered by phpBB" is that you will not get any support if you ever run into a problem.

    You could replace with a gif version.

    leadegroot

    2:42 am on Dec 24, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member



    No, no, they are suggesting the removal of strings such as 'copyright $SOFTWAREPACKAGE', not just 'copyright' in general.

    Or, if the license requires that it be there, put up an image instead.

    graywolf

    2:37 pm on Dec 24, 2004 (gmt 0)

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



    Don't let any programmers leave social traces in the comments

    <!-- changed by John Smith 12-24-2004 -->

    Makes it easier to guess/reverse engineer usernames and passwords to gain access.
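
An added example, not part of any post in this thread: a small Python audit you can run over your own rendered pages to find the footprints discussed above ("powered by" and package copyright strings, default paths such as blueline.gif, a generator meta tag, and the programmer comments graywolf mentions). The package name ExampleBoard, the paths and the sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page; package name, paths and comment are illustrative only.
SAMPLE_PAGE = """<html><head>
<meta name="generator" content="ExampleBoard 2.0">
</head><body>
<!-- changed by John Smith 12-24-2004 -->
<img src="/exampleboard/images/blueline.gif" alt="">
<div class="footer">Powered by ExampleBoard &copy; 2004 ExampleBoard Group</div>
</body></html>"""

# Hypothetical values: put the names and default paths of the software you run here.
PACKAGE_NAMES = ["ExampleBoard"]
DEFAULT_PATHS = ["/exampleboard/", "blueline.gif"]
# A bare "copyright" is not a footprint; "copyright <package>" is.
COPYRIGHT_RE = re.compile(
    r"(copyright|©).*(" + "|".join(map(re.escape, PACKAGE_NAMES)) + ")", re.I)
# Comments that name who changed a page, or carry an edit date.
TRACE_RE = re.compile(r"\b(changed|edited|modified|added)\s+by\b|\d{1,2}-\d{1,2}-\d{4}", re.I)

class FootprintAudit(HTMLParser):
    # Collects (kind, detail) findings from one rendered page.
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "meta" and (attrs.get("name") or "").lower() == "generator":
            self.findings.append(("generator-meta", attrs.get("content") or ""))
        for value in attrs.values():
            if value and any(path in value for path in DEFAULT_PATHS):
                self.findings.append(("default-path", value))

    def handle_data(self, data):
        text = " ".join(data.split())
        if re.search(r"powered by", text, re.I):
            self.findings.append(("powered-by", text))
        elif COPYRIGHT_RE.search(text):
            self.findings.append(("package-copyright", text))

    def handle_comment(self, data):
        if TRACE_RE.search(data):
            self.findings.append(("comment-trace", data.strip()))

def audit(html):
    parser = FootprintAudit()
    parser.feed(html)
    parser.close()  # flush any text buffered after the last tag
    return parser.findings
```

The audit only sees text and attribute values, so a notice converted to an image shows up only if its file name is still a default one.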