Don’t wanna hate but maybe this will stir the pot: any time I go to a website and go “this is definitely Wordpress” I’m usually right (I check with the Webappalyzer extension).
It really depends on how much customization has gone into the site. TechCrunch, Wired, and TIME all use WordPress for example, but their theme is customized to the point where you can’t really tell that it’s WordPress. There are some ways to tell though, for example some of the larger sites are hosted by Automattic (these say “powered by WordPress VIP” in the footer), and /wp-admin usually still works to go to the login page.
Yeah, that’s a fair point. I’ve been surprised to see a website is Wordpress from time to time.
As far as /wp-admin goes, I know all about that! Any web server I’ve run is constantly overrun with bots trying to hack it. A lot of times I configure nginx to simply drop connections to any URL ending in .php or GZIP bomb.
I’ve looked into it a few times and it just seemed complicated to do within a Docker container but I could be wrong. I might have ChatGPT guide me on that endeavor.
Thanks! Though I’m mainly only wanting to protect ports 80 and 443. Usually when it comes to web apps I Dockerize it and call it a day, so there is no SSH daemon hanging around.
Yeah for personal stuff I prefer my own stuff, but for business I find Fly to be phenomenal. I can always “SSH” into a container if needed (though it’s definitely not SSH).
Don’t wanna hate but maybe this will stir the pot: any time I go to a website and go “this is definitely Wordpress” I’m usually right (I check with the Webappalyzer extension).
It really depends on how much customization has gone into the site. TechCrunch, Wired, and TIME all use WordPress for example, but their theme is customized to the point where you can’t really tell that it’s WordPress. There are some ways to tell though, for example some of the larger sites are hosted by Automattic (these say “powered by WordPress VIP” in the footer), and
/wp-admin
usually still works to go to the login page.Yeah, that’s a fair point. I’ve been surprised to see a website is Wordpress from time to time.
As far as
/wp-admin
goes, I know all about that! Any web server I’ve run is constantly overrun with bots trying to hack it. A lot of times I configure nginx to simply drop connections to any URL ending in.php
or GZIP bomb.deleted by creator
I’ve looked into it a few times and it just seemed complicated to do within a Docker container but I could be wrong. I might have ChatGPT guide me on that endeavor.
deleted by creator
Thanks! Though I’m mainly only wanting to protect ports 80 and 443. Usually when it comes to web apps I Dockerize it and call it a day, so there is no SSH daemon hanging around.
deleted by creator
Yeah for personal stuff I prefer my own stuff, but for business I find Fly to be phenomenal. I can always “SSH” into a container if needed (though it’s definitely not SSH).