Increase Protection From Stalkers: Admin URL Obfuscation
-
I have a feature request. Like Google and probably other HTTPS email account providers, please obfuscate the URL for HTTPS pages (i.e., don’t put the blog name in it). This will help prevent people from stalking a blogger by mapping their IP address (especially to admin pages) to their blog and then using details in their blog to pinpoint their location. Your blog name is basically kind of like your username; providers like Google do not put your username/email address in the URL.
I wasn’t sure if I could post a video link here, but if you look up a demonstration of how a VPN works against a sniffer, you will see what I mean. Your IP address can pinpoint you down to your zip code, and that’s a pretty small area to search through when a stalker can use all the details in their blog to social engineer their way to finding you, as well as public records of the area.
It would be great to ensure that, when logged into your account, all page views are also obfuscated, since small bloggers would probably be the ones viewing their blog the most and the hacker could just count how many times they viewed the page per month or something like that relative to other IPs.
-
Hi there. Can you clarify whether you’re recommending this as a suggestion for WordPress.org in general, or whether this is a recommendation just for WordPress.com sites?
And, can you clarify what this would look like?
please obfuscate the URL for HTTPS pages (i.e., don’t put the blog name in it).
All of the sites on WordPress.com are https by default for everything, so not putting the blog URL on them could be problematic.
-
I am referring to WordPress.com sites.
The issue of privacy can be seen in this video:
As an example of obfuscation, notice in the above link that you do NOT see my username or even the name of the video that it links to. This is obfuscation, so that you cannot readily connect my IP address to what I’m seeing. Even if you know my IP address you wouldn’t know what I was watching and would only know I connected to YouTube.
Viewing anything on the web without a VPN or other way to encrypt your IP address basically allows the hacker to see the connection between your location (zip code attached to your IP address) and your blog, which currently writes the name of your blog in the URL, even on ADMIN pages.
So basically, implementation-wise, you would have the URL show a temporary id for your individual session (at least that’s how I would guess it would work) instead of showing your blog name in the clear.
-
However, I could just be understanding the granularity of the IP address mapping incorrectly. I don’t have the means to test the scenario as in the provided video; so I’m not sure if it only shows the domain structure versus the whole file structure path.
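As an added example to answer the granularity question above (this is not code from the thread or from WordPress.com), the Python script below builds a constructed TLS ClientHello for myblogname.wordpress.com and then parses the Server Name Indication (SNI) back out of it, the way a passive sniffer on the same network would. The point it demonstrates: in an HTTPS session the hostname is sent in the clear in the handshake (and in the DNS lookup that precedes it), while the path, for example /wp-admin/, only ever travels inside the encrypted records after the handshake. The hostname, cipher suites and the zeroed random are constructed sample data; the record layout follows the TLS record and ClientHello/SNI formats.

```python
import struct
from typing import List, Optional

SERVER_NAME_EXT = 0x0000   # TLS extension type for server_name (SNI)
ALPN_EXT = 0x0010


def build_client_hello(hostname: str) -> bytes:
    """Build a minimal TLS ClientHello record carrying an SNI extension.

    Constructed sample data: the 32-byte random is zeroed and only two
    cipher suites are offered, which is enough to show what is visible.
    """
    name = hostname.encode("ascii")
    # server_name_list entry: name_type 0 (host_name) + 2-byte length + name
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    sni_list = struct.pack("!H", len(entry)) + entry
    sni_ext = struct.pack("!HH", SERVER_NAME_EXT, len(sni_list)) + sni_list

    # An ALPN extension placed before SNI, so the parser must walk the list.
    alpn = b"\x02h2\x08http/1.1"
    alpn_ext = struct.pack("!HH", ALPN_EXT, len(alpn) + 2) + struct.pack("!H", len(alpn)) + alpn

    extensions = alpn_ext + sni_ext
    body = (
        b"\x03\x03"                       # client_version (TLS 1.2 wire value)
        + bytes(32)                       # random (zeroed, constructed sample)
        + b"\x00"                         # empty session_id
        + struct.pack("!H", 4) + b"\x13\x01\x13\x02"   # two cipher suites
        + b"\x01\x00"                     # one compression method: null
        + struct.pack("!H", len(extensions)) + extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # type 0x16 = handshake


def extract_sni(record: bytes) -> Optional[str]:
    """Return the host_name from the SNI extension of a ClientHello record, or None."""
    try:
        if record[0] != 0x16:
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if hs[0] != 0x01:
            return None
        body_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + body_len]
        if len(body) != body_len:
            return None
        pos = 2 + 32                                   # skip version + random
        pos += 1 + body[pos]                           # session_id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]   # cipher_suites
        pos += 1 + body[pos]                           # compression_methods
        if pos + 2 > len(body):
            return None                                # no extensions at all
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            edata = body[pos:pos + elen]
            pos += elen
            if etype != SERVER_NAME_EXT:
                continue
            list_len = struct.unpack("!H", edata[:2])[0]
            q = 2
            while q + 3 <= 2 + list_len:
                ntype = edata[q]
                nlen = struct.unpack("!H", edata[q + 1:q + 3])[0]
                q += 3
                value = edata[q:q + nlen]
                q += nlen
                if ntype == 0:
                    return value.decode("ascii", errors="replace")
        return None
    except (IndexError, struct.error):
        return None


def plaintext_leaks(record: bytes, candidates: List[str]) -> List[str]:
    """Which of the candidate strings appear verbatim in the cleartext handshake bytes."""
    return [c for c in candidates if c.encode("ascii") in record]


if __name__ == "__main__":
    hello = build_client_hello("myblogname.wordpress.com")
    print("SNI seen by a sniffer:", extract_sni(hello))
    print("visible in cleartext:", plaintext_leaks(hello, ["myblogname.wordpress.com", "/wp-admin/"]))
```

Running it prints the hostname as the SNI and lists only the hostname as visible; the request line `GET /wp-admin/ HTTP/1.1` is never in the handshake because it is sent as encrypted application data. So an on-path observer learns "this IP connected to myblogname.wordpress.com", not which page, and changing the path alone would not remove that leak. Hiding the hostname from a local-network observer takes either Encrypted Client Hello (ECH) plus encrypted DNS, where both client and server support them, or a VPN, which moves the observer's vantage point to the VPN endpoint instead.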
-
Could you give an example of a WordPress URL you’d have changed? You can sub fakeusername if needed.
-
Something like…
Current with less privacy for visiting the admin page of myblogname:
https://myblogname.wordpress.com/wp-admin/
New with more privacy since you don’t know what blog admin page they are visiting:
https://www.wordpress.com/23590dfsdgd
or
https://www.wordpress.com/wp-admin/23590dfsdgd
The idea is that 23590dfsdgd cannot be linked to a particular blog at any point outside of the secured channel. (i.e., if I log in at a different time, 23590dfsdgd would be different, like ;lKSJDglkj. In this case, it may be different from YouTube. It is more like, for instance, if you log in to an email account, copy the URL of your inbox, and put it into the browser on a different computer; it doesn’t go to your inbox; it goes to a login page, so the second computer couldn’t know anything about your username or email address.) Sorry, I’m not sure if it is possible or if that’s how the email providers implement it, but that’s how I understand it would work.
-
Here’s the Inbox link of Gmail:
https://mail.google.com/mail/u/0/#inbox
I don’t know where the key is to identify the user, but it isn’t even in the URL in this case.
-
Something like…
Current with less privacy for visiting the admin page of myblogname:
https://myblogname.wordpress.com/wp-admin/
New with more privacy since you don’t know what blog admin page they are visiting:
There is no way to do this on WordPress.com, and it’s also not something we plan to implement.
As you mentioned above, a VPN provides the privacy you’re looking for in this case, and that is what we advise if you have concerns over someone spying on your browsing activity when working on your site.
-
What is the limitation that prevents you from doing this?
I’m just curious, not that I am trying to convince you of this feature.
-
WordPress.com is basically a giant WordPress Multisite installation, meaning that all core file paths are the same, which is probably the biggest roadblock currently to providing a unique wp-admin URL for every site.
-
Thank you for taking the time to answer my curiosity. :)
It seemed like WordPress.com was partially already doing it by having:
versus
https://wordpress.com/username/
However, I think I can see where it would be difficult. Based on your description and my own thinking about how it might be difficult, I gather that the data isn’t handled as something like a username with blogs attached under it, but rather as a bunch of blogs that are linked via a username tag. So each blog is really a separate entity, and WordPress.com is just providing a convenient single login, versus a single username entity with multiple blog spaces underneath it. I’d guess that makes the domain name handling easier, but I don’t actually know much about web hosting backends, as you can probably tell from my questions and answers.
Thank you again for taking the time to answer my question and help me expand my knowledge. Have a blessed day!