HTTrack Website Copier
Free software offline browser - FORUM
Subject: clarification of section 1j of abuse.htm
Author: master_k
Date: 11/01/2003 13:00
 
/* not related with my previous inquieries */

i am creating a website and would like to learn more about 
section 1j of abuse.htm. what is the difficultie in seting 
up these scripts? as i can see it is quite easy to do. or 
am i wrong? simple ADD TO ABUSE DATABASE and dissalow 
access. just check on each page forIP and compare with 
ABUSE DB? no? if password USED TO allow access to website 
simply ban user for 24 hours and send email stating the 
reason. no? I USE .asp not .php currently but the 
implementation is the same. what i was wondering any way 
of doing this with a session variable? is it possible to 
limit acces by using a session variable when people use 
HTT or other offline browsers. and another not so easy 
way - how to check for traffic so if SERVER max conection 
is around 50k and user is using HTT with max 10 simult. 
connections he would not get banned!? banning would just 
occur for serious abusers!?
on a more personal note i think that all sites that 
provide information should have a DB that can be 
downloaded with all text on the site (this is possible to 
do with other types of documents not just .txt) by 
accessing just one file. it can also be many DB's (sorted 
by text topics). when i say DATABSAE here i also mean 
on .zip and .rar etc.. files that allow users of 
downloading information and reading it offline :)

your thoughts?everyones thoughts?
--
included section 1j of abuse.htm
<http://www.httrack.com/html/abuse.html>
--

Use technical tricks to temporarily ban IPs
Good: Efficient
Bad: Radical (your site will only be available online for 
all users), not easy to setup
How to to: Create fake links with "killing" targets
Example: Use things like <a 
href="killme.cgi"><nothing></a> (again an example in php:)

<?php
	// Add IP.
	add_temp_firewall_rule($REMOTE_ADDR,"30s");
?>
function add_temp_firewall_rule($addr) {
	// The chain chhttp is flushed in a cron job to 
avoid ipchains overflow
    system("/usr/bin/sudo -u root /sbin/ipchains -I 1 
chhttp -p tcp -s ".$addr." --dport 80 -j REJECT");
    syslog("user rejected due to too many copy 
attemps : ".$addr);
}
 
Reply


All articles

Subject Author Date
clarification of section 1j of abuse.htm

11/01/2003 13:00




f

Created with FORUM 2.0.11