Alexa-rank complaining about insecure generator meta-tagUsage of meta tag “generator”Why sitemap gives higher priority to category and archive pages?Usage of meta tag “generator”Are Meta tags useful for SEO?Services using the “generator” meta tag for usage statsWhy is Google omitting commas from the meta description tag in its search results?Can microdata be used within META and custom tags?Is a zero second meta refresh tag to 301 a Blogger post a proper solution?Is leaving meta description tag empty beneficial?Does differing meta descriptions on pages that share a canonical tag harm SEOIn terms of SEO, what happens when I use a tag/category which does not otherwise appear in my content?
After Restoring Log Shipping to Secondary Server, First Stored Procedure Execution is Slow
Will casting a card from the graveyard with Flashback add a quest counter on Pyromancer Ascension?
How to cope with regret and shame about not fully utilizing opportunities during PhD?
Mark command as obsolete
Do Grothendieck universes matter for an algebraic geometer?
Why does SSL Labs now consider CBC suites weak?
Will a coyote attack my dog on a leash while I'm on a hiking trail?
is it correct to say "When it started to rain, I was in the open air."
Why are BJTs common in output stages of power amplifiers?
complicated arrows in flowcharts
Were any of the books mentioned in this scene from the movie Hackers real?
Do not cross the line!
Is Valonqar prophecy unfulfilled?
How to redirect stdout to a file, and stdout+stderr to another one?
The meaning of the Middle English word “king”
Why can't I share a one use code with anyone else?
Can only the master initiate communication in SPI whereas in I2C the slave can also initiate the communication?
OSPF increase bandwidth with load-balancing
Find the unknown area, x
What is this old US Air Force plane?
How to make a not so good looking person more appealing?
Fixed width with p doesn't work
What was the ring Varys took off?
Was the dragon prowess intentionally downplayed in S08E04?
Alexa-rank complaining about insecure generator meta-tag
Usage of meta tag “generator”Why sitemap gives higher priority to category and archive pages?Usage of meta tag “generator”Are Meta tags useful for SEO?Services using the “generator” meta tag for usage statsWhy is Google omitting commas from the meta description tag in its search results?Can microdata be used within META and custom tags?Is a zero second meta refresh tag to 301 a Blogger post a proper solution?Is leaving meta description tag empty beneficial?Does differing meta descriptions on pages that share a canonical tag harm SEOIn terms of SEO, what happens when I use a tag/category which does not otherwise appear in my content?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
The Alexa-rank auditing tool is complaining about a generator meta-tag that is according to the HTML5 standard.
<meta name="generator" content="Company Name">
The Alexa Site Audit Report complains about this tag being insecure:
What is this topic about?
HTML tags . on your pages that expose information about the software used to build your site.
Why is this important?
Insecure meta tags on your website provide information about the underlying software (such as Wordpress) that could help someone attack or compromise your website.
I've read comments from here and here, but it does not state why it may be insecure to use the generator meta-tag (it does say that it might be useless, but not insecure).
seo meta-tags
asked 5 hours ago
TheJamesTheJames
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
The Alexa-rank auditing tool is complaining about a generator meta-tag that is according to the HTML5 standard.
<meta name="generator" content="Company Name">
The Alexa Site Audit Report complains about this tag being insecure:
What is this topic about?
HTML tags . on your pages that expose information about the software used to build your site.
Why is this important?
Insecure meta tags on your website provide information about the underlying software (such as Wordpress) that could help someone attack or compromise your website.
I've read comments from here and here, but it does not state why it may be insecure to use the generator meta-tag (it does say that it might be useless, but not insecure).
seo meta-tags
asked 5 hours ago
TheJamesTheJames
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
The Alexa-rank auditing tool is complaining about a generator meta-tag that is according to the HTML5 standard.
<meta name="generator" content="Company Name">
The Alexa Site Audit Report complains about this tag being insecure:
What is this topic about?
HTML tags . on your pages that expose information about the software used to build your site.
Why is this important?
Insecure meta tags on your website provide information about the underlying software (such as Wordpress) that could help someone attack or compromise your website.
I've read comments from here and here, but it does not state why it may be insecure to use the generator meta-tag (it does say that it might be useless, but not insecure).
seo meta-tags
asked 5 hours ago
TheJamesTheJames
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
The Alexa-rank auditing tool is complaining about a generator meta-tag that is according to the HTML5 standard.
<meta name="generator" content="Company Name">
The Alexa Site Audit Report complains about this tag being insecure:
What is this topic about?
HTML tags . on your pages that expose information about the software used to build your site.
Why is this important?
Insecure meta tags on your website provide information about the underlying software (such as Wordpress) that could help someone attack or compromise your website.
I've read comments from here and here, but it does not state why it may be insecure to use the generator meta-tag (it does say that it might be useless, but not insecure).
seo meta-tags
seo meta-tags
asked 5 hours ago
TheJamesTheJames
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 5 hours ago
TheJamesTheJames
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 5 hours ago
TheJamesTheJames
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 5 hours ago
TheJamesTheJames
112
asked 5 hours ago
TheJamesTheJames
112
112
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
TheJames is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
The tag itself is not insecure. It's just a tag in an HTML file.
What it does, though, is provide direct/immediate information about your the software you are using and thus can be used by hackers to select which of their hacking system to use to penetrate your system.
Without that information they would have to run probes and it could take a long time. Also with advanced web firewalls, you could detect such probes and block the IP address (Some people say blocking IPs is not a good idea, my experience is that it works wonders.)
Note that a tag which only gives a name is rather safe (i.e. content="Wordpress"). If the tag includes the name, version, build date, etc. then it becomes really easy (i.e. content="Wordpress 1.2.3 May 13, 2019"). So in your example, it is perfectly safe. Especially if your generator is proprietary and you use it for one or two websites (opposed to Wordpress which is used for million of websites.)
What is a probe?
Whenever you access a website you can detect which CMS was used to generate it by looking at the HTML contents.
Examples:
- Wordpress uses paths that include
wp-as an introducer. - Drupal uses
.../sites/<name>/files/...
Every single CMS is going to do the same sort of thing for all the websites that use them. However, detecting the version is harder. You have subtle differences which will tell you but it makes the hacker's life more interesting (to my point of view--but read harder).
So hiding the generator's tag makes no difference if you just have the name of the CMS in there.
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "45"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
TheJames is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwebmasters.stackexchange.com%2fquestions%2f122853%2falexa-rank-complaining-about-insecure-generator-meta-tag%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The tag itself is not insecure. It's just a tag in an HTML file.
What it does, though, is provide direct/immediate information about your the software you are using and thus can be used by hackers to select which of their hacking system to use to penetrate your system.
Without that information they would have to run probes and it could take a long time. Also with advanced web firewalls, you could detect such probes and block the IP address (Some people say blocking IPs is not a good idea, my experience is that it works wonders.)
Note that a tag which only gives a name is rather safe (i.e. content="Wordpress"). If the tag includes the name, version, build date, etc. then it becomes really easy (i.e. content="Wordpress 1.2.3 May 13, 2019"). So in your example, it is perfectly safe. Especially if your generator is proprietary and you use it for one or two websites (opposed to Wordpress which is used for million of websites.)
What is a probe?
Whenever you access a website you can detect which CMS was used to generate it by looking at the HTML contents.
Examples:
- Wordpress uses paths that include
wp-as an introducer. - Drupal uses
.../sites/<name>/files/...
Every single CMS is going to do the same sort of thing for all the websites that use them. However, detecting the version is harder. You have subtle differences which will tell you but it makes the hacker's life more interesting (to my point of view--but read harder).
So hiding the generator's tag makes no difference if you just have the name of the CMS in there.
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
add a comment |
The tag itself is not insecure. It's just a tag in an HTML file.
What it does, though, is provide direct/immediate information about your the software you are using and thus can be used by hackers to select which of their hacking system to use to penetrate your system.
Without that information they would have to run probes and it could take a long time. Also with advanced web firewalls, you could detect such probes and block the IP address (Some people say blocking IPs is not a good idea, my experience is that it works wonders.)
Note that a tag which only gives a name is rather safe (i.e. content="Wordpress"). If the tag includes the name, version, build date, etc. then it becomes really easy (i.e. content="Wordpress 1.2.3 May 13, 2019"). So in your example, it is perfectly safe. Especially if your generator is proprietary and you use it for one or two websites (opposed to Wordpress which is used for million of websites.)
What is a probe?
Whenever you access a website you can detect which CMS was used to generate it by looking at the HTML contents.
Examples:
- Wordpress uses paths that include
wp-as an introducer. - Drupal uses
.../sites/<name>/files/...
Every single CMS is going to do the same sort of thing for all the websites that use them. However, detecting the version is harder. You have subtle differences which will tell you but it makes the hacker's life more interesting (to my point of view--but read harder).
So hiding the generator's tag makes no difference if you just have the name of the CMS in there.
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
add a comment |
The tag itself is not insecure. It's just a tag in an HTML file.
What it does, though, is provide direct/immediate information about your the software you are using and thus can be used by hackers to select which of their hacking system to use to penetrate your system.
Without that information they would have to run probes and it could take a long time. Also with advanced web firewalls, you could detect such probes and block the IP address (Some people say blocking IPs is not a good idea, my experience is that it works wonders.)
Note that a tag which only gives a name is rather safe (i.e. content="Wordpress"). If the tag includes the name, version, build date, etc. then it becomes really easy (i.e. content="Wordpress 1.2.3 May 13, 2019"). So in your example, it is perfectly safe. Especially if your generator is proprietary and you use it for one or two websites (opposed to Wordpress which is used for million of websites.)
What is a probe?
Whenever you access a website you can detect which CMS was used to generate it by looking at the HTML contents.
Examples:
- Wordpress uses paths that include
wp-as an introducer. - Drupal uses
.../sites/<name>/files/...
Every single CMS is going to do the same sort of thing for all the websites that use them. However, detecting the version is harder. You have subtle differences which will tell you but it makes the hacker's life more interesting (to my point of view--but read harder).
So hiding the generator's tag makes no difference if you just have the name of the CMS in there.
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
The tag itself is not insecure. It's just a tag in an HTML file.
What it does, though, is provide direct/immediate information about your the software you are using and thus can be used by hackers to select which of their hacking system to use to penetrate your system.
Without that information they would have to run probes and it could take a long time. Also with advanced web firewalls, you could detect such probes and block the IP address (Some people say blocking IPs is not a good idea, my experience is that it works wonders.)
Note that a tag which only gives a name is rather safe (i.e. content="Wordpress"). If the tag includes the name, version, build date, etc. then it becomes really easy (i.e. content="Wordpress 1.2.3 May 13, 2019"). So in your example, it is perfectly safe. Especially if your generator is proprietary and you use it for one or two websites (opposed to Wordpress which is used for million of websites.)
What is a probe?
Whenever you access a website you can detect which CMS was used to generate it by looking at the HTML contents.
Examples:
- Wordpress uses paths that include
wp-as an introducer. - Drupal uses
.../sites/<name>/files/...
Every single CMS is going to do the same sort of thing for all the websites that use them. However, detecting the version is harder. You have subtle differences which will tell you but it makes the hacker's life more interesting (to my point of view--but read harder).
So hiding the generator's tag makes no difference if you just have the name of the CMS in there.
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
edited 4 hours ago
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
answered 4 hours ago
Alexis WilkeAlexis Wilke
1,804715
1,804715
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
add a comment |
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
You forgot to mention the tag use, in this case, is useless clutter and should be removed for that reason alone.
– Rob
1 hour ago
add a comment |
TheJames is a new contributor. Be nice, and check out our Code of Conduct.
TheJames is a new contributor. Be nice, and check out our Code of Conduct.
TheJames is a new contributor. Be nice, and check out our Code of Conduct.
TheJames is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Webmasters Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwebmasters.stackexchange.com%2fquestions%2f122853%2falexa-rank-complaining-about-insecure-generator-meta-tag%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
