Google Adsense

Post Reply

Page 12 >

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic
djlurchg Members Profile Find Members Posts Groupie Joined: 31 March 2006 Status: Offline Points: 40	Post Options Post Reply Quote djlurchg Report Post Thanks(0) Quote Reply Topic: Google Adsense Posted: 10 April 2006 at 5:18am
	Upgrading from 6 to 7 to 8 tonight. Permissions were immediately were set to allow guest access. Because of the Google Adwords inclusion, google search spiders now have access to indexing what I had hoped would remain private information. My mistake though for trusting the software. I closed the hole myself. Here's a brief sysnopsis of the hole: Google Adwords found on page. Code phones home with URL of calling page. Forum not locked down. Google indexes URL because it's not locked down. Formerly hidden info now indexed and viewable by search engines. Please tell me where I'm wrong. I'd be happy if I was. Seriously. Edited by djlurchg - 11 April 2006 at 5:36pm

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 10 April 2006 at 11:05am
	This is not a security hole, more a case of you not reading the instructions!! If you had read the upgrade tools on screen instructions you would have seen that because a new permissions system is used in version 8 that once the database upgrade is complete you would need to reset any permissions as they would be set to default permissions. This also has nothing to do with the Google Ads, that must be left in the software.

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 10 April 2006 at 11:06am
	Taken from upgrade tool instructions:- 10. The database update will now be complete, forum Group and Member permissions may have changed, so please check these before setting your new forum live.

wistex Members Profile Find Members Posts Mod Builder Group Joined: 30 August 2003 Location: United States Status: Offline Points: 877	Post Options Post Reply Quote wistex Report Post Thanks(0) Quote Reply Posted: 11 April 2006 at 1:30am
	Also, just FYI. Google has two bots, the Googlebot and AdSensebot. AdSensebot visiting won't get you listed in the search engine, and Googlebot won't tell AdSense what ads to display on a page. They work independently according to Google and from what I've seen on my and other websites. Now, if you visited with the Google Toolbar, Googlebot would probably show up. But viewing pages with AdSense on them does not necessarily call the Googlebot. So you might have lucked out.
	WisTex Solutions CaribbeanChoice Forums

djlurchg Members Profile Find Members Posts Groupie Joined: 31 March 2006 Status: Offline Points: 40	Post Options Post Reply Quote djlurchg Report Post Thanks(0) Quote Reply Posted: 11 April 2006 at 4:15pm
	No, I didn't. Content sensitive ads started showing up in spite of me manually adding lockout code (my own Session variable checker). I have contacted Google about the situation and am awaiting a response. It's a mistake on my part for not securing the forum first. I should have know better. No national secrets, but just privacy concerns.

wistex Members Profile Find Members Posts Mod Builder Group Joined: 30 August 2003 Location: United States Status: Offline Points: 877	Post Options Post Reply Quote wistex Report Post Thanks(0) Quote Reply Posted: 11 April 2006 at 4:42pm
	It is possible that the AdSensebot did not visit those pages. I have noticed that sometimes Google will display ads on pages it hasn't looked at yet (such as private pages which are locked to those without permission). It bases the ads on other pages on the website or based on the URL. It hasn't actually indexed or seen those pages. I can tell because 1.) the pages cannot be viewed without being logged in (and with the correct permissions) and 2.) the ads usually are either a.) related to popular subject matter on the website or b.) related to what is in the URL of the page, but not necessarily the content of the page. Sometimes it guesses so wrong that its obvious it hasn't looked at the content of the page at all.
	WisTex Solutions CaribbeanChoice Forums

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 11 April 2006 at 5:01pm
	Also, I have setup the Google Ads to display an ad from Web Wiz Guides own ad server if a relevant ad is not available. I often notice that in Private forums, the Private Messaging system, or other pages that Google's Adsense spider can not enter, it still tries to index the page, but most of the time keeps displaying ads servers by Web Wiz Guide's own servers as it can not index the page to get it's content.

djlurchg Members Profile Find Members Posts Groupie Joined: 31 March 2006 Status: Offline Points: 40	Post Options Post Reply Quote djlurchg Report Post Thanks(0) Quote Reply Posted: 11 April 2006 at 5:23pm
	borg: This is more a security concern that I have with google, not WWF. Don't sweat it. As mentioned I am contacting them. I'd like to see a post on Slashdot talking about this "hole" (at least I see it that way).

Post Reply	Page 12 >

Forum Jump

Forum Permissions View Drop Down

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum