There is probably a reason that Google do not publish these commands as they, while being very useful for the webmaster to secure their sites, can also be used by hackers to find information that is purposely hidden from "normal" searches.
An example of things that are normally hidden from a "normal" search are the location of data directories. The use of the inurl: operator with an argument of "index of" will reveal directories on the webserver that not been protected by turning off indexes.
This indexing behaviour can be turned off by a server directive:
 |
| A screen-shot from the www.googleguide.com website |
This indexing behaviour can be turned off by a server directive:
<Directory /var/www/sitewatch>
Options FollowSymLinks MultiViews
AllowOverride All
# Indexes (in Options line) removed 10 Jan 2012
Order allow,deny
allow from all
</Directory>
Links:- AKA - "Google Hack"
- The googlehacks website
- “Google Hack” honeypot
No comments:
Post a Comment