Re: Denying access by IP address
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 27984
interpreted = N
texte = on 2/23/2000 3:44 PM, Scott Nelsen at scott@nelsen.net wrote:> I am denying people access to our website based on their IP address. Right> now I have> the following programming entered to block out an entire class C address -> obviously> the x's represent an IP address - I wanted to keep that confidential.> > ----------> > [ShowIf [IPADDRESS]^xxx.xxx.xxx]>
> >
>
SIZE=+2>You have> been denied access to this site!> > [/ShowIf]> > [hideif [IPADDRESS]^xxx.xxx.xxx]> > <---homepage here but not shown to save space--->> > [/hideif]> > --------------> > What I want to know is how I can indicate a complete and separate Class C (or> for that> matter, class B) without doing multiple [showif]s and [hideif]s.> > (I know there is probably a better way to do this - we are looking into that> but for> right now I need to deny access until we can get the programming done.)> > Thanks,> > Scott> Scott, Don't want to burst your bubble, but there is a security problem withyour solution. You should use some other method to block IP addresses suchas any built in to your web server. The problem is, and this has beenbrought to the attention of SM already, session values such as ipaddress andreferrer that *should not* be editable, can be overridden by addingformvariables with the same name. Try this on for size...http://www.yourserver.com/protectedfile.tpl?ipaddress=206.251.067.003&referrer=http://gonzo.ofthedayclub.com/Someone in your unwanted class C could override the [ipaddress] value andget in.Mike-------------------------------------------------------------Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server.To end your Mail problems go to
.This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
Associated Messages, from the most recent to the oldest:
on 2/23/2000 3:44 PM, Scott Nelsen at scott@nelsen.net wrote:> I am denying people access to our website based on their IP address. Right> now I have> the following programming entered to block out an entire class C address -> obviously> the x's represent an IP address - I wanted to keep that confidential.> > ----------> > [ShowIf [ipaddress]^xxx.xxx.xxx]> > >
>
SIZE=+2>You have> been denied access to this site!> > [/ShowIf]> > [hideif [ipaddress]^xxx.xxx.xxx]> > <---homepage here but not shown to save space--->> > [/hideif]> > --------------> > What I want to know is how I can indicate a complete and separate Class C (or> for that> matter, class B) without doing multiple [showif]s and [hideif]s.> > (I know there is probably a better way to do this - we are looking into that> but for> right now I need to deny access until we can get the programming done.)> > Thanks,> > Scott> Scott, Don't want to burst your bubble, but there is a security problem withyour solution. You should use some other method to block IP addresses suchas any built in to your web server. The problem is, and this has beenbrought to the attention of SM already, session values such as ipaddress andreferrer that *should not* be editable, can be overridden by addingformvariables with the same name. Try this on for size...http://www.yourserver.com/protectedfile.tpl?ipaddress=206.251.067.003&referrer=http://gonzo.ofthedayclub.com/Someone in your unwanted class C could override the [ipaddress] value andget in.Mike-------------------------------------------------------------Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server.To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
Mike Davis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WC2f3 (1997)
Plugin or CGI or both (1997)
random in arizona (2003)
bug in [SendMail] (1997)
math and european notation (1998)
DON'T use old cart file! (1997)
FYI: virus alert (1996)
Repost: [convertwords] to convert carriage return? (2000)
WC2b15 - [HTMLx]...[/HTMLx] problems SOLVED! (1997)
WebCat2b13MacPlugIn - [showif][search][/showif] (1997)
SMSI - MacWorld (2005)
Cart date/time (2006)
TCP Connect (1999)
WC2/Mac -- Forms not submitting correctly with Mac browsers (1997)
WebCat2 beta 11 - new prefs ... (1997)
WC2.0 Memory Requirements (1997)
Re:2nd WebCatalog2 Feature Request (1996)
BBEdit WedDNA Codeless Language Module (2004)
Trouble with formula.db (1997)
For Grant: Webcatalog 4.0 - When will we be able to betatest it? (2000)