Many clients have asked why there’s a /cms or /main on the end of our website URLs. There’s a very simple answer to this question – to help fend off potentially devastating hacking attempts on your website.
Hackers can be put into two categories:-
These are the types of hackers that look for vulnerabilities in website systems (content management systems like Joomla, WordPress etc), and write a program to crawl the web to find similar websites to hack into.
These are the types of hackers that are synonymous with groups like ‘Anonymous’ and other hackers that make a deliberate and targeted attempt to hack into a website or system (think the PS3 network being hacked last year).
Whilst there’s not much you can do to avoid a deliberate hacking attempt on your website, we can definitely stop run-of-the-mill script kiddies from getting into and playing around with your online business.
The /cms and /main you see on the end of your URLs means that your website is installed in a sub-directory (think a folder within a folder – just like on your computer). Most hacking scripts or programs can only look in the main folder of a server (called the root directory) and can’t go into a sub-directory.
This being the case, most hacking scripts will poke around to see what’s in the root directory, discover nothing (because we’ve ‘hidden’ your website in a folder within the root directory) and move on.
Think of it like this:-
Installing your website in the root directory of a server is like leaving your car in the yard for all to see. Opportunistic thieves will see this and may or may not choose to take action.
Installing your website in a sub-directory (ie. /cms or /main) is like putting your car in the garage so no-one can see it. If the opportunistic thief can’t see your car, chances are he will move onto the next target.