Friday, December 21, 2012

Visitor Logs Cause Undue Concern, When Visitors Click On Cached Icons

We see periodic concern, expressed in Blogger Help Forum: Something Is Broken, over apparent visitor access to blog maintenance wizards, using the Quick Edit icons.
I found this entry, in my StatCounter log. How did this person get access to my blog?
http://www.blogger.com/post-edit.g?blogID=7834826019588534175&postID=890014875501476492&from=pencil
Was my blog hacked?


This may not be a justified reason to panic, however. One may first wish to check that Stats (or whatever visitor log is in use, in this case) is properly configured, to not track your own activity. The link that you see may reflect your activity.

Even if the visitor log entry in question does not appear to reflect your own activity - even when allowing for the vagaries of geo location, you may still do well to remain calm.

Thanks to the unpredictable nature of cache, in your browser, on your computer, or even on your network, the Quick Edit icon which provides you with access to the sensitive wizards, which control the content of your blog, may also be visible to the casual visitor to your blog. Any idly curious visitor may even click on such an icon, when visible.

However, visibility of the icon does not guarantee access to sensitive blog controls. Here's what I saw, when I clicked on the link above.

D'Ohh!!!

Maybe, you'd like to verify that your blog is safe?
  1. Extract the URL, from a Quick Edit pencil, on your blog.
  2. Save the URL, somewhere safe.
  3. Clear cache, cookies, and sessions (yes, clear all 3!).
  4. Restart your browser.
  5. Load the saved URL.
  6. What do you see?

Similar to the problem with phantom visitors reading a private blog, this may not be an issue to concern you. Calm down, and get back to work.

>> Top

No comments: