> -----Original Message----- > From: Che Vilnonis [mailto:[EMAIL PROTECTED] > Sent: Friday, May 27, 2005 11:49 AM > To: CF-Talk > Subject: RE: Robot.txt question... security issue? > > Jim, that is the recommendation I told my boss. :) > > The client in question is being audited by Visa/Mastercard and they are > using a 'canned' software package/service to perform the audit. In the > future, that recommendation may become a requirement in order to help stop > online fraud.
I'm familiar with the drill (I work for a big financial company myself). Like I said - I think it's worth it for the audit to bring up, it's just one of those things that doesn't seem doable. Just to clear however I assume that the directories listed in the Robots.txt file are actually linked from the site, right? A log in form, a protected link, etc? If they are then any hacker would start there in any case. If they're not then you probably don't need to include them in the Robots file anyway - how could a search engine "find" them? (Although I'd err on the side of safety and leave them in anyway just in case somebody links them later.) Jim Davis ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:207872 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
