Hello,
Someone is using HttpWebRequest to automaticly post datas or retrieve
datas from my site.
How can i stop pages to be get by the HttpWebRequest method ?
I know that pages get with HttpWebRequest have is no referer.
So for me the solution is to check the referer of the calling page, if
the referer is my domain, ok i can send the page, if not i can redirect
to an error page.
Is it a good idea ?
If you have other solution ?
Thanks 5 1632
you can add a referer header to a HttpWebRequest. there is really no way to
detect someone useing HttpWebRequest (or like) from a browser. also many
proxy servers strip the referer header, so you may block valid browser
users.
-- bruce (sqlwork.com)
"Not4u" <No***@chez.com > wrote in message
news:44******** **************@ news.free.fr... Hello,
Someone is using HttpWebRequest to automaticly post datas or retrieve datas from my site. How can i stop pages to be get by the HttpWebRequest method ?
I know that pages get with HttpWebRequest have is no referer. So for me the solution is to check the referer of the calling page, if the referer is my domain, ok i can send the page, if not i can redirect to an error page. Is it a good idea ? If you have other solution ?
Thanks
So there is no solution to block the use of HttpWebRequest ?.
Bruce Barker wrote: you can add a referer header to a HttpWebRequest. there is really no way to detect someone useing HttpWebRequest (or like) from a browser. also many proxy servers strip the referer header, so you may block valid browser users.
-- bruce (sqlwork.com) "Not4u" <No***@chez.com > wrote in message news:44******** **************@ news.free.fr... Hello,
Someone is using HttpWebRequest to automaticly post datas or retrieve datas from my site. How can i stop pages to be get by the HttpWebRequest method ?
I know that pages get with HttpWebRequest have is no referer. So for me the solution is to check the referer of the calling page, if the referer is my domain, ok i can send the page, if not i can redirect to an error page. Is it a good idea ? If you have other solution ?
Thanks
For posting data to your site, you probably would have to implement
some sort of human verification scheme to detect that a actual person
is actually doing the posting and not a scrip of some sort. You see
this all the time where website display a distored image with letters
and numbers and you have to type what is displayed in the image to
continue. This will trap scrips from posting data.
For reading, you probably have to protect those pages you don't want
them to read and require the person wanting to read to login first.
Yes i'll use the solution of random images.
My problem is it's a price comparison bot that grab info from my site
and use it to compare prices.
tdavisjr wrote: For posting data to your site, you probably would have to implement some sort of human verification scheme to detect that a actual person is actually doing the posting and not a scrip of some sort. You see this all the time where website display a distored image with letters and numbers and you have to type what is displayed in the image to continue. This will trap scrips from posting data.
For reading, you probably have to protect those pages you don't want them to read and require the person wanting to read to login first.
Thus wrote Not4u, Hello,
Someone is using HttpWebRequest to automaticly post datas or retrieve datas from my site. How can i stop pages to be get by the HttpWebRequest method ? I know that pages get with HttpWebRequest have is no referer.
That's not true. There's no way of knowing whether a request was sent by
a browser or some application simply sending the very same HTTP headers (unless
you could tell from certain implementation specific behaviors at TCP level...).
So for me the solution is to check the referer of the calling page, if the referer is my domain, ok i can send the page, if not i can redirect to an error page. Is it a good idea ? If you have other solution ?
If you think that you're victimized by a robot, you may try to add a robots.txt
(see http://www.robotstxt.org/wc/faq.html#robotstxt) to your web site.
Another way is to look for suspicious access patterns in your web server
logs that belong to certain source IP addresses, and block these addresses
at a firewall.
Cheers,
--
Joerg Jooss ne********@joer gjooss.de This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Gregory A Greenman |
last post by:
I'm trying to write a program in vb.net to automate filling out a
series of forms on a website. There are three forms I need to
fill out in sequence. The first one is urlencoded. My program is
able to fill that one out just fine.
The second form is multipart/form-data. Unfortunately, I haven't
been able to fill that out in a way that makes the server happy.
I set up a copy of this form at my web site so that I could see
exactly what a...
|
by: thomas peter |
last post by:
I am building a precache engine... one that request over 100 pages on an
remote server to cache them remotely...
can i use the HttpWebRequest and WebResponse classes for this? or must i use
the MSHTML objects to really load the HTML and request all of the images on
site?
string lcUrl = http://www.cnn.com;
// *** Establish the request
|
by: Steve Richter |
last post by:
I have a page that uses simple HTTP GET to do an ISBN lookup via
Amazon.com. The page works when I run it from //localhost. But I have
moved it to my godaddy.com shared hoster site, and I get errors on the
HttpWebRequest.GetResponse statement.
The remote server returned an error: (401) Unauthorized
also, when I use the network credentials object in the context of my
request, I get this error:
|
by: Cheung, Jeffrey Jing-Yen |
last post by:
I have a windows form application that generates a request, downloads an image, and waits the user
to enter in login info. Unfortunately, this image is dynamic and based on session data. I have
read documents on the CookieCollection property of HttpWebRequest. Currently, I have the
functionality in my code to be able to accept cookies, and return them upon a new HttpWebRequest;
however, upon further inspection of the returning...
|
by: Alex Papadimoulis |
last post by:
Hey Group,
I'm in the process of converting an ASP-based site to an ASP.NET site and
built a control that wraps around an ASP page. The control simply does a GET
to the same server to render the ASP content, and then just writes it to the
page.
In development and testing, there were no problems. Once deployed to
production, after the site runs for a few hours, it starts to slow down and
throw countless "Operation Has Timed Out"...
| |
by: Alex Papadimoulis |
last post by:
Hey Group,
I'm in the process of converting an ASP-based site to an ASP.NET site and
built a control that wraps around an ASP page. The control simply does a GET
to the same server to render the ASP content, and then just writes it to the
page.
In development and testing, there were no problems. Once deployed to
production, after the site runs for a few hours, it starts to slow down and
throw countless "Operation Has Timed Out"...
|
by: BillE |
last post by:
VS2005 VB.net
I'm using the HTTPWebRequest class to connect to a web site with SSL. I
first manually connected to the site and installed the certificate on my
computer, and then use the X509Certificate class to add the certificate to
the HTTPWebRequest, but I continue to get the exception:
"The underlying connection was closed: Could not establish trust
relationship for the SSL/TLS secure channel."
|
by: Marc Bartsch |
last post by:
Hi,
I have a background worker in my C# app that makes a synchronous
HttpWebRequest.GetResponse() call. The idea is to POST a file to a
server on the internet. When I call HttpWebRequest.Abort() on the
request object on another thread, GetResponse() returns with an
exception as expected. However, when I monitor the network traffic, it
does not seem to stop, but to continue to be active and to upload the
file. The network is active even...
|
by: twebb72 |
last post by:
Scratching my head for a while on this one... This project uses code from "Understanding HttpWebRequest CookieContainer?" post on this site.
C#, asp.net 2.0
The following code supplies credentials to the login page properly, if I change the POST credentials, it responds with the invalid login page. On the second get request (after a successful login), it continually redirects to the main page as if the session was over. Here is the code......
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |