You are not logged in.
Yea. It deleted all of my recordings on my mythtv server.
66.249.73.204 - - [25/Jan/2009:16:02:57 -0600] "GET /mythweb/tv/recorded?delete=yes&chanid=2491&starttime=1232571600 HTTP/1.1" 302 1 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
I know, my bad for not securing it. I have a dyndns account for my server at home. Until just now I had the site in my profile here, which is where I think google picked it up. I didn't have any links to it, and I wasn't worried about people finding it. Never thought about google bot finding it.
It 'clicked' on every delete recording link and deleted every recording on my server. From the logs, it also found my music & video files. In the process of clicking on links, it also managed to basically hose my mythconverg database for the scheduled recordings. I'm planning on just replacing the database with the blank stock database and starting over.
I'd only been playing with it, and hadn't gotten around to securing it yet, totally forgetting that it was accessable from the public internet.
Boo-hoo me. I know better, especially now. Just thought I'd throw a warning out there for anyone else wondering why in the world they would secure their mythweb install.
"He is no fool who gives what he cannot keep to gain that which he cannot lose." -Jim Elliot
Offline
Just so you know, google is probably not even near the person who opened that link.
One probably used the googlebot user agent instead. Sounds a lot more likely...
My coding blog (or an attempt at it)
Archer start page (or an attempt at it)
Offline
I'd be thinking it was Google:
$ host 66.249.73.204
204.73.249.66.in-addr.arpa domain name pointer crawl-66-249-73-204.googlebot.com.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
I think it was google as the host lookup goes back to google server. Also, if I 'google' my host name on google, I do have cached results that appear.
It's actually a little frightening.
"He is no fool who gives what he cannot keep to gain that which he cannot lose." -Jim Elliot
Offline
wow, if that's true, time to tweak the robots.txt :eek:
Offline
More like just protect it with a user/password with .htaccess or w/e.
Offline
Which, ironically, was my next task to accomplish...just hadn't gotten there.
It will be user/password protected before it sees the light of the public side again.
"He is no fool who gives what he cannot keep to gain that which he cannot lose." -Jim Elliot
Offline
That's AMAZING xD
Bookmarked... might submit to Digg, too
Thanks for the lulz.
Offline