Why We Don't Do “Powered By…” by Default

While it drives VCs, marketing mavens, SEO pundits and advisors crazy, long ago we made the decision to do what’s right by site owners. We don't put anything in our software that make it easily identifiable as a MODX-powered website. It’s may have slowed our adoption, but we stand by it being the right thing for end users.

By Ryan Thrash  |  May 29, 2012  |  4 min read
Why We Don't Do “Powered By…” by Default

Allow me paint an unfortunate picture of what happens too often to websites. For those that don't know, a “script kiddie” is someone who uses tools available in the nether regions of the Internet to hack your website for fun, ego trips and profit—also known as "p0wning" your site. This is not FUD (Fear, Uncertainty and Doubt), but a somber reality of the Internet today.

Beware the neckbeard, for they come with strong mojo! This man is not an evile hacker; any resemblances to someone you may know that is in fact an evile hacker is purely coincidental. Most likely. Photo courtesy XRWN. (Actually, he just might be one after all. Now I fear him and my use of the Flickr Creative Commons image search.)
  • Step 1—some nefarious evil computer genius with ample neck beardage figures out a security compromise for a version of the software that runs your website, or some of the software bundled with it. They then distribute what's known, to those skilled in the art, as a "script" to their minions: the script kiddies. (Their computer may be set up in their mom's basement, mind you, but they're still wickedly-crafty bastards!)
  • Step 2—script kiddies worldwide download said "warez" and "pr0n" distribution scripts to load into their Hack-o-Mattic 3000 software, or whatever it's called.
  • Step 3—While bouncing off the walls with evil anticipation, pinkies ready for mouth-corner application, they Google “powered by …” to find unwitting targets (or some variation thereof … this is autoamted, too). Robert's your Mother's brother, and your site gets p0wned. Script kiddies who compromise the most sites—some even band into gangs—gain clout amongst peers, or even earn cash for their highjinx.

Thousands of sites now distribute the latest screener videos, XXX "art", or infect web surfers’ computers with the latest zombie botnet software. (And subsequently, many are banished from Google search indexes.) This is all possible in part thanks to software that makes it far too easy easy to ID what powers websites.