Hello,
We would like to give free access for searching (without requiring logon) the db but do not want to provide the ability for someone to put our search form on their site and do searchs on our db (as it is within a subscription service) Is their a way to block all other domains/ip other than ours from searching?

Blocking domains from searching and accessing databases has been discussed in this Forum about two months ago. I wrote some codes that did this.

If you cannot find the Thread, let me know. But I would prefer you searching this forum first.

Regards,

------------------
Eliot Lee
Anthro TECH,L.L.C
www.anthrotech.com
----------------------

Hi Elliott,
Actually, what I would like is to block all ip addresses / domain names other than my site domain so no one can use the search engine/script except on my page. Can I use:

@referers = ('mydomain.com');

I find this on another script. If so, where would I place it.

Thanks

NO.

You put the referers array at the very top of the db.cgi file. Then you add the reference to the Check_URL sub-routine [i.e., &Check_URL;] at the TOP of the sub query routine.

Regards,

------------------
Eliot Lee
Anthro TECH,L.L.C
www.anthrotech.com
----------------------

Yes...You can use that.

Place the &Check_URL; (or whatever the name of the sub-routine is) at the top of the sub_query routine in the db.cgi file.

Regards,

------------------
Eliot Lee
Anthro TECH,L.L.C
www.anthrotech.com
----------------------

Thanks again Elliot but I am a novice at perl am not sure what you mean.

Do I place: &Check_URL;
with the code: @referers = ('mydomain.com');

together at the top of the
sub query { routine

John

JohnP:

Here the thread that answers how to do this posted by Eliot in October:

http://www.gossamer-threads.com/scripts/forum/resources/Forum12/HTML/001262.html

Topic: Call the script from ONLY a few servers

Hope his helps

Thanks Lois & Elliot,
I was having problems with the fist code as it apparently was incomplete. Lois, your direction to the expanded answer at http://www.gossamer-threads.com/scripts/forum/forum.cgi solved most of the problem. The only one that remains is that when someone uses the search on a different domain it does not return an error message but just html code. I know the code pasted to the db.cgi has a error message but it does not appear to be working for us Any ideas.

John

Please copy your db.cgi script as a text file and then upload it to a publicly accessible directory on your server, so we can see what you've done.

Regards,

------------------
Eliot Lee
Anthro TECH,L.L.C
www.anthrotech.com
----------------------

Oops...The problem could be related to the lack of HTML header call in the sub cgi_error routine.

Add the following codes:


before the first print statement in the sub cgi_error routine.

Regards,

------------------
Eliot Lee
Anthro TECH,L.L.C
www.anthrotech.com
----------------------

Hi,
Okay zeroing in. Followed your suggestion and it does now show the error message, however, it displays the entire search results below the error message. Anyone can then simply click on the results to take them to the database search without restriction. Is there a way simply to show the erro message?

Ah...that is basically a cosmetic error. The search engine will still only be accessible by your domain!!!!!!!!

To clean up the cosmetic error, try the following:

1) Add the following codes to the elsif statements in the sub main routine of the db.cgi file:


2) Change the following codes in the sub cgi_error routine in the db.cgi file:


TO THE FOLLOWING CODES:


3) Then create a new sub-routine in the html.pl file called sub html_domain_error. It should look like the following:


I REALLY HOPE THIS HELPS!

Regards,

------------------
Eliot Lee
Anthro TECH,L.L.C
www.anthrotech.com
----------------------





[This message has been edited by Eliot (edited January 08, 2000).]

[This message has been edited by Eliot (edited January 08, 2000).]