Re: [WebDNA] Attack?

This WebDNA talk-list message is from

2015

It keeps the original formatting. numero = 112063
interpreted = N
texte = On one of my client's websites, every web-based request uses thesame form. It asks for the visitor's email address, and it sendsa confirmation code number to that address.If the visitor clicks the link in this email, visits theconfirmation page, and enters the code number (and the same emailaddress he used when he submitted the requests form) he gets tocomplete his request which gets passed on to the website owner.Otherwise it gets deleted from the requests.db after 24 hours.This system replaced the WebDNA-based captcha system we were usingbefore. Ever since the change-over this client has been extremelyhappy with the dramatically reduced emails he gets from thewebsite. The visitors like it far better than captcha, too.We understand that anyone with a serious request will take thetime to click the link in the confirmation email and confirmhis/her request online. Those who don't are bots ... or loserswho have nothing better to do than waste other people's time.Naturally this will not stop the bots from submitting the requestform, so if this becomes a problem there may be Javascript-basedway to block the bots. But we never had this problem so we don'tneed any additional levels of protection such as Javascript.If something like this does not ressolve the problem you shouldprobably install a firewall system on your server that detects aspecified number of requests to certain web pages or ports orservices within a specified period of time and then blackliststheir ip addresses at the server level either temporarily orpermanently.Regards,Kenneth GromeWebDNA Solutionshttp://www.webdnasolutions.comWeb Database Systems and Linux Server Management Associated Messages, from the most recent to the oldest:

Re: [WebDNA] Attack? (Kenneth Grome 2015)
Re: [WebDNA] Attack? (Robert Minor 2015)
Re: [WebDNA] Attack? (Stuart Tremain 2015)
Re: [WebDNA] Attack? (Stuart Tremain 2015)
Re: [WebDNA] Attack? (Kenneth Grome 2015)
[WebDNA] Attack? (Stephen Reiss 2015)

On one of my client's websites, every web-based request uses thesame form. It asks for the visitor's email address, and it sendsa confirmation code number to that address.If the visitor clicks the link in this email, visits theconfirmation page, and enters the code number (and the same emailaddress he used when he submitted the requests form) he gets tocomplete his request which gets passed on to the website owner.Otherwise it gets deleted from the requests.db after 24 hours.This system replaced the WebDNA-based captcha system we were usingbefore. Ever since the change-over this client has been extremelyhappy with the dramatically reduced emails he gets from thewebsite. The visitors like it far better than captcha, too.We understand that anyone with a serious request will take thetime to click the link in the confirmation email and confirmhis/her request online. Those who don't are bots ... or loserswho have nothing better to do than waste other people's time.Naturally this will not stop the bots from submitting the requestform, so if this becomes a problem there may be Javascript-basedway to block the bots. But we never had this problem so we don'tneed any additional levels of protection such as Javascript.If something like this does not ressolve the problem you shouldprobably install a firewall system on your server that detects aspecified number of requests to certain web pages or ports orservices within a specified period of time and then blackliststheir ip addresses at the server level either temporarily orpermanently.Regards,Kenneth GromeWebDNA Solutionshttp://www.webdnasolutions.comWeb Database Systems and Linux Server Management Kenneth Grome

DOWNLOAD WEBDNA NOW!

Re: [WebDNA] Attack?

2015

Top Articles:

Related Readings: