Our great sponsors
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
I'm not for sure about how wordpress would get their stats, but I imagine it's something like scan the internet and put "/wp-login.php" behind the base url. If it comes back with the wordpress login page, then count it. At least that's how it seems like hackers find out if you have wordpress from my http server logs.
Also someone posted this thing a while back that does some detection like this to find out what tech is powering the website you are on:
https://www.wappalyzer.com/
I'm not related to them in any way and I don't know how accurate it is but it was interesting.
WordPress is pretty easy to detect even when wp-admin is hidden. People seem to not know theres a json api that exposes a lot of information. It's a good idea to disable showing authors since this can give an attacker information they can use to exploit in a few different ways. We had to do this for a high profile client a while back and wrote a little helpful plugin
I bet they are undercounting a bit since the large content sites will keep their WordPress install outside of public view completely and the site is just headless.
[0] https://github.com/firstandthird/wp-disable-authors
Related posts
- Documentation site / service that Frigate and Revolt.chat use?
- How could I know which libraries or technology is used on a particular website?
- Beginner to UX/UI - What development tools/frameworks/languages are used to create these effects?
- How to scrape Datadome protected websites (early 2023 version)
- Easy way to tell what framework a website is using?