Please give us the ability to change the router endpoints

  • Woozy Face

    (@shaady4)


    7 years ago

    Hi there,

    I recently made the switch to version 3.

    However I saw that users get to see this when they would read the newsletter from within their browser, https://easyvoicetelecom.nl/site/?mailpoet_router&endpoint=track&action=click&data=WyIyIiwiMzdlNTA1IiwiMiIsImE4MGIyNmM1MTliYyIsZmFsc2Vd

    Now my question is could you please give us the ability to change the ?mailpoet_router& section to something like nieuwsbrief in Dutch or newsletter in English, Since it’s often recommended to change certain default plugin or wp endpoints due to site safety issues.

    I hope that you would love to make wordpress a little saver! Like me!

    Kind regards,

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Jack K

    (@jack-kitterhing)

    Hey there @shaady4,

    Interesting post. Overall the security related function of changing the endpoint wouldn’t really make much difference.

    For anyone to access the newsletter they need to know the exact data parameter to use, that means even if someone knows you are using MailPoet, browsing to example.com/?mailpoet_router&endpoint=track&action=click&data= will display nothing.

    There’s no real security benefit in obfuscating that URL. It’s more important to keep plugins, themes and WordPress core upto date. ??

    Thanks!

    Thread Starter Woozy Face

    (@shaady4)

    That was not my question Jack, I don’t want my visitors even to know that they are on a wp site.

    Jack K

    (@jack-kitterhing)

    Hey there @shaady4,

    Ah, I see what you mean and I’m sure the MailPoet folks will take the suggestion on board.

    Just from me being interested in understanding why, why don’t you want your visitors to know that you are using WP? As right now your URL, unless your visitor knows of MailPoet they won’t really know it’s WP as the URL is /site/?mailpoet

    I checked out your site and can see you disabled right click, but keyboard shortcuts still work to access inspectors and I see the core WP emoji script is loading, ElegantThemes, WooCommerce etc. Some folder names like wp-content-copy-protection show under site info as well.

    Really I guess my point being that if someone wants to find out what tech a site is using they will. And hiding endpoints, assets etc may stop very basic bot attacks but it doesn’t prevent people that are purposely trying to gain entry manually.

    Anyway I hope this gives some insight into my thought process and of course it is just my opinion. ??

    Thread Starter Woozy Face

    (@shaady4)

    Good job Sherlock, well it won’t be visible as soon the site is finished.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Please give us the ability to change the router endpoints’ is closed to new replies.