Are secret URLs truly secure?

Question

I never leave backdoors in my system, but out of curiosity I was wondering if I left a secret URL like /x52d23r that allowed to bypass some sort of security, and this was on

Answer 1

would that be somehow discovered by a third party without getting the information from me? For example, secret ports can be port scanned and fingerprinted, but can the same sort of tactic be done for secret URLs?

Yes. You are thinking of the threat as a human being sitting at a computer typing the URL into their browser. The reality is that attackers use automated programs that perform reconnaissance on systems and use that information to attempt a variety of attacks. Trying random URLs has little cost for an automated system than can produce hundreds of HTTP requests per second. Second as others have noted, once you use the URL it is no longer secret. Those automated programs listen to internet traffic and collect URLs to attempt attacks on. The fact that only you know the URL means that no other person can divulge its value. It does not prevent technical means from divulging the value.