Re: [WebDNA] Attack?
This WebDNA talk-list message is from 2015
It keeps the original formatting.
numero = 112063
interpreted = N
texte = On one of my client's websites, every web-based request uses thesame form. It asks for the visitor's email address, and it sendsa confirmation code number to that address.If the visitor clicks the link in this email, visits theconfirmation page, and enters the code number (and the same emailaddress he used when he submitted the requests form) he gets tocomplete his request which gets passed on to the website owner.Otherwise it gets deleted from the requests.db after 24 hours.This system replaced the WebDNA-based captcha system we were usingbefore. Ever since the change-over this client has been extremelyhappy with the dramatically reduced emails he gets from thewebsite. The visitors like it far better than captcha, too.We understand that anyone with a serious request will take thetime to click the link in the confirmation email and confirmhis/her request online. Those who don't are bots ... or loserswho have nothing better to do than waste other people's time.Naturally this will not stop the bots from submitting the requestform, so if this becomes a problem there may be Javascript-basedway to block the bots. But we never had this problem so we don'tneed any additional levels of protection such as Javascript.If something like this does not ressolve the problem you shouldprobably install a firewall system on your server that detects aspecified number of requests to certain web pages or ports orservices within a specified period of time and then blackliststheir ip addresses at the server level either temporarily orpermanently.Regards,Kenneth GromeWebDNA Solutionshttp://www.webdnasolutions.comWeb Database Systems and Linux Server Management
Associated Messages, from the most recent to the oldest:
On one of my client's websites, every web-based request uses thesame form. It asks for the visitor's email address, and it sendsa confirmation code number to that address.If the visitor clicks the link in this email, visits theconfirmation page, and enters the code number (and the same emailaddress he used when he submitted the requests form) he gets tocomplete his request which gets passed on to the website owner.Otherwise it gets deleted from the requests.db after 24 hours.This system replaced the WebDNA-based captcha system we were usingbefore. Ever since the change-over this client has been extremelyhappy with the dramatically reduced emails he gets from thewebsite. The visitors like it far better than captcha, too.We understand that anyone with a serious request will take thetime to click the link in the confirmation email and confirmhis/her request online. Those who don't are bots ... or loserswho have nothing better to do than waste other people's time.Naturally this will not stop the bots from submitting the requestform, so if this becomes a problem there may be Javascript-basedway to block the bots. But we never had this problem so we don'tneed any additional levels of protection such as Javascript.If something like this does not ressolve the problem you shouldprobably install a firewall system on your server that detects aspecified number of requests to certain web pages or ports orservices within a specified period of time and then blackliststheir ip addresses at the server level either temporarily orpermanently.Regards,Kenneth GromeWebDNA Solutionshttp://www.webdnasolutions.comWeb Database Systems and Linux Server Management
Kenneth Grome
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Show shoppingcart after remove last item (1997)
WebCat2: Items xx to xx shown, etc. (1997)
Help needed! (1998)
autosensing lanague selection (1997)
Initiating NewCart (1997)
Multiple radio buttons (1998)
[FIXED] Preserving file creation dates on [copyfile] (2007)
WebCat2: multiple currency support (1997)
WC2.0 Memory Requirements (1997)
Search Criteria (2000)
Search Engine bots (2002)
secret [cmd] variable? (2004)
WebCatb15 Mac CGI -- [purchase] (1997)
WebCat2.0 [format thousands .0f] no go (1997)
Searchable WebCat (etc.) Docs ? (1997)
Looking For WebCatalog Migration Assistance (2003)
XMLNodes Error (2007)
Re:Emailer and encryption (1997)
Satisfy Me ! was: Why can't support be satisfying topurchasers? (2000)
[random] only for 1-100??? (1997)