user image

Shilpa
Published in : 2022-02-26

Will Google Dorking save my secure WordPress website running on HTTPS?

Wordpress

I am running my customer's website on HTTPS with proper SSL installation, it has more than 7000 clients. Also, I have enabled some REST APIs to the website, in response to the endpoints - it shows the JSON body of the response. I want to know the way about how do I secure a website from exposing personal information obtained in the JSON body. (Because it may have word documents, text files with sensitive information, pdf files, or some encrypted password files too.)

I am worried about way back machine archives and google Dorking.

Can someone get my information from the wp-config.php file?

Can Google Dorking expose my code? Any idea?

 

Comments

Rakshit Date : 2022-03-06

Best answers

34

Best answers

34

After exploring more about Google dorking, Here are my findings.

Google Dorking (GD) is not made to expose anything private from your application/website. It is saying “Google looked in the google cache”, it shows only publicly accessible items only from your website to your reader who has required low/light internet connection. GD is not a way to exploit code to reveal secrets. To avoid such thing, you can check the checkbox saying, “discourage search engines to not index your articles…”

 

About your "wp-config.php"` is part of Wordpress and which cannot be accessible publically by any bots or any search engines or wayback machine. So don't worry it is safe until your access is not hacked or someone crack your website. WP-VCD Malware was the one, which destroyed millions of website, and put all website down at a time. You can visit here to read more about my WP_VCD attack analysis and solution.

 

Remember: Google dorking can only expose information that has already been exposed.

 

Reference: Wikipedia, WP_VCD

Leave a comment

Join us

Join our community and get the chance to solve your code issues & share your opinion with us

Sign up Now

Related posts

A custom WordPress Login page and URL
Publish date: 2022-02-10 | Comments: 2

Tag: Wordpress

Cpanel to Webmin migration 503 error
Publish date: 2021-08-12 | Comments: 4

Tag: Wordpress

How to display tags on each posts for customized wordpress theme?
Publish date: 2022-02-26 | Comments: 1

Tag: Wordpress

How to run wordpress with different themes in main domain and subdomain?
Publish date: 2022-03-01 | Comments: 1

Tag: Wordpress

[solved] How to change privacy policy text above place order button Woocommerce?
Publish date: 2022-01-08 | Comments: 2

Tag: Wordpress

[solved] undefined $post->ID in WP_Query()
Publish date: 2022-01-30 | Comments: 2

Tag: Wordpress

A Site Kit WordPress plugin bug.
Publish date: 2022-02-10 | Comments: 2

Tag: Wordpress

What is the best reference to the most used WordPress functions?
Publish date: 2022-02-09 | Comments: 2

Tag: Wordpress