• dan@upvote.au
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    1 year ago

    It really depends on how much customization has gone into the site. TechCrunch, Wired, and TIME all use WordPress for example, but their theme is customized to the point where you can’t really tell that it’s WordPress. There are some ways to tell though, for example some of the larger sites are hosted by Automattic (these say “powered by WordPress VIP” in the footer), and /wp-admin usually still works to go to the login page.

    • railsdev@programming.dev
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Yeah, that’s a fair point. I’ve been surprised to see a website is Wordpress from time to time.

      As far as /wp-admin goes, I know all about that! Any web server I’ve run is constantly overrun with bots trying to hack it. A lot of times I configure nginx to simply drop connections to any URL ending in .php or GZIP bomb.

      • blkpws@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I suppose you also configure some fail2ban rules to ban those bots. Seems to be the easier way.

        • railsdev@programming.dev
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I’ve looked into it a few times and it just seemed complicated to do within a Docker container but I could be wrong. I might have ChatGPT guide me on that endeavor.