Security, search engines, and other bots

The place to talk about things that are related to CMS Made simple, but don't fit anywhere else.
Post Reply
sayitlikeitis
Forum Members
Forum Members
Posts: 45
Joined: Tue Nov 28, 2006 7:46 pm

Security, search engines, and other bots

Post by sayitlikeitis »

I have a couple of questions about security and browser search engines.

I gather CMS stores its content in a mySQL database.  I’m not sure where I picked that up; I probably read it somewhere, but if I’m wrong perhaps someone can correct the error of my ways.

Anyway, to continue.  I presume there is a file somewhere, perhaps called ‘index.php’ rather than ‘index.html’ and I presume Google can find it, and looks inside it and finds out where the mySQL database is located, and proceeds to scan the records of the database for content.  (This is all supposition on my part.)

I don’t have any issues with that.  In fact if that’s the case, it seems very clever.  However, what does concern me is that our user codes and passwords may also be in a database table. If that database is being scanned by Google for content, then possibly the usercodes are being scanned too.  I hope not.

How is one part of the system open to the public and usercodes and passwords kept secure?
Top
Dee
Power Poster
Power Poster
Posts: 1197
Joined: Sun Mar 19, 2006 8:46 pm
Location: the Netherlands

Re: Security, search engines, and other bots

Post by Dee »

sayitlikeitis wrote: Anyway, to continue.  I presume there is a file somewhere, perhaps called ‘index.php’ rather than ‘index.html’ and I presume Google can find it, and looks inside it and finds out where the mySQL database is located, and proceeds to scan the records of the database for content.  (This is all supposition on my part.)
Google finds index.php, but can only request it from the webserver. The webserver parses the PHP file and returns the same HTML to Google that is returned to your browser when you watch the page. There is no way it can look "inside it".

Regards,
D
Top
sayitlikeitis
Forum Members
Forum Members
Posts: 45
Joined: Tue Nov 28, 2006 7:46 pm

Re: Security, search engines, and other bots

Post by sayitlikeitis »

Dee wrote: There is no way it can look "inside it".
Well that's a relief.  But what about the nasty little bots that are scampering around the web looking for our personal stuff?  Can they get into the database?
Top
Pierre M.

Re: Security, search engines, and other bots

Post by Pierre M. »

Humm, you shouldn't put secrets on the web. Unless you strongly know how to protect them.

If you set up a lazzy way to browse them "the nasty little bots that are scampering around the web looking for our personal stuff" can find them. You should know (HTTP and) what you are doing.

Please remember that a CMS is a way to broadcast information to the public.

Pierre M.
Top
Post Reply

Return to “The Lounge”