Hello, a lot of web sites have a cms detection functionality.
For example, this project https://whatcms.org can check my website by url and tell, that it uses yii as a main framework.
How do they do this?
What main fingerprints exists?
How we can protect our system and hide this detection?
Scroll down https://whatcms.org/ content - it has a section " How We Detect Content Management Systems" - it use " <meta name="generator" ...> tag or x-powered-by header"
Others, like https://builtwith.com detect also by used script names - like yii.js, yii.validation.js etc. that comes from widgets
Probably you can hide framework from automatic detection, but i don’t think that it can give your really more security
I wanted to develop Yii scanning bot to find out approximately how many websites are powered by the framework. Never had enough time though.
Two more markers are csrf tokens and form filed names.
I’ve created a console Yii2 command, which helps to check it all. It can check a single url or a list of urls (from the file). It can output to a file too and work in a silent mode. Probably, the code is not perfect (I’ve tried to do it ASAP, but it works well). I’ve created it, because I need it, but you can use it too, of course.
It all is here: https://github.com/butteff/yiichecker
By looking at the robots.txt file it’s possible to make out the framework. For example, Yii 1 has a “protected” folder.
User-agent: *
Disallow: /protected
And Joomla has an “administrator” folder.
User-agent: *
Disallow: /administrator