Probably many Internet users know that various ready-made tools are used to create websites. They are called engines or CMS. How to determine which engine is used on the site, and why it is needed, will be discussed later in our article.
What is a site engine, and why is it needed?
The site engine is an automated tool for managing and configuring. In particular, many CMS allow you to change the appearance of something by applying a template, add new content, menus, an entire page or section.
Of the most famous, you can highlight such as WordPress, Joomla, Drupal, the domestic "Bitrix" and many others.
How to find out the site engine
The engine can be recognized in several ways:
- having analyzed the page manually;
- identifying by typical characteristics;
- using online services.
To analyze the site with available tools, you need to open the source code of the page. A little run through the lines can give a lot of useful information.
Almost every site has a meta name tag with the name generator in the body of its code. It may indicate a content management system, or maybe not. It all depends on whether the portal administrator has taken the means of concealment.
You can also learn the site engine from the lines with CSS and JavaScript. Paths to style files and scripts may contain parts of standard layouts for CMS. For example, typical WordPress keywords are: wp-content .
You can find out which engine the site is by viewing the robots.txt file. It is designed to ban visits to certain pages by search engines. Therefore, it may contain standard paths for some CMS. Naturally, you need to know the file and folder structure of the most popular engines.
The appearance of links on the page can also help to know the site engine. If the CMS does not use third-party solutions for link building, then, by default, they may look like this:
- / p = 501 - actual type of link for WordPress;
- /index.php?option=com_content ... - this template is used in Joomla by default;
- page / page_name - this is the address in MaxSite.
To learn the site engine will help the method with the substitution of the addresses of the admins of famous CMS. It is worth trying to substitute the following paths to the domain:
- wp-admin - admin panel on WordPress;
- administrator - this address uses Joomla;
- admin - and this one belongs to MaxSite.
Scanning server responses can also help you know which engine the site is on. This can be done using special tools. In the response from the server we are interested in http header. It may contain a field with an X-Powered-CMS value.
It makes sense to view the saved cookies on the site. For this, you may also need special tools called sniffers. Among the cookie strings, you can find parts of the names of popular CMS, for example, wp or umicms .
Online services
The first tool is Itrack. In its database, it has the characteristics of more than 50 content management tools in order to find out the engine of a site online. It is enough to visit the site, enter the name of the desired domain, captcha and click "Check". After a while, the service will scan the specified site and render its verdict. And if there is a CMS, then it will be displayed.
Another good multifunctional service in order to find out the engine of a site online is 2ip. Here the address of the scanned resource is entered and the "Learn" button is clicked. The system will sort through all known CMS, displaying them one by one. And as soon as I stumble upon a coincident, he will notify about it.
Why you may need to check the site engine
Such information will always be useful to an attacker-hacker. How can he use it? Very simple. All content management tools are written by people. Accordingly, errors may be present in projects and sites. Some are very quickly corrected, some remain. Knowing the typical errors of a specific CMS and being sure that it is installed on the attacked site, a hacker can apply various approaches using vulnerabilities and exploits.
Also, the type of engine may be needed by a web programmer who wants to create about the same site for himself or the customer. Or maybe the same developer wants to see how easily the CMS hacker will determine on his site.
Hiding engine details
As you can see, by hiding data about which of the CMS is used, you can additionally secure your site from unauthorized access as a result of a hacker attack. In fact, many articles on the Internet, on forums and in various instructions are devoted to this. There is no universal formula for hiding the type of engine for all CMS at once. Each will have to act in its own way.
For example, Joomla generates a Generator tag. This means that you need to fix the index.php file of the current template. Add the line <? Php $ this-> setGenerator (``)?> Somewhere between other meta tags to it.
Manually changing the display of web page addresses is very difficult. But there are ready-made solutions, something like JoomSEF. They generate links based on the names of materials, and the appearance of the address bar becomes more readable and does not differ from most sites.
You can also recognize the Joomla site by the well-known icon in the browser header. It is called favicon.ico and lies in the root of the site or folder of the current template.
Very often, CMS is determined by the standard 404 page, which reports an error. It is recommended to immediately change it after configuration and configuration.
Conclusion
Before you find out which engine the site uses, you will first have to search the Internet for information about what typical signs and parameters have one or another CMS. Well, or contact online sites. And in order to hide the use of a content management system on your own resource with your own hands, you still have to master the basics of PHP and HTML. Although here on all well-known CMS there are ready-made solutions in the form of plug-ins, modules and components. Many of which, by the way, also reduce the site's resistance to attacks. Which approach to choose is up to the web developer.