Gossamer Forum
Home : Products : Gossamer Forum : Discussion :

Preventing abuse of scripts

Quote Reply
Preventing abuse of scripts
I had someone logging in as a guest hundreds of times for the sole purpose of toppling over the server. Is there any way to prevent this? It could be done on a server level, but would be handy if GForum could be set to prevent multiple logins from the same IP (?)

Jason
Quote Reply
Re: [wickedmoon] Preventing abuse of scripts In reply to
Well you could always put this in access/httpd.conf ....

<Directory />
Order Deny,Allow
Allow From All
Deny From some_ip_address
</Directory>

.....as for GForum, can multiple logins come from the same person?....I didn't think that could be done.

Last edited by:

RedRum: Feb 7, 2002, 5:38 AM
Quote Reply
Re: [wickedmoon] Preventing abuse of scripts In reply to
Hi Jason

I just had the same problem. The server log files revealed that someone had used Teleport Pro (an offline downloader), to download everything from my site, including the whole forum. This robot sends a request every second or so, and my server was getting slower and slower.

Now, I have banned his IP address from the forum (which immediately stopped the download), and I use a robots.txt file to exclude Teleport robots from my forum pages.

Annoying....

Ivan
-----
Iyengar Yoga Resources / GT Plugins
Quote Reply
Re: [yogi] Preventing abuse of scripts In reply to
Ahh how silly, I should have realised it could be done...I even posted that 185 guests thing in chit-chat.

Isn't the point of sessions to stop that?

Can't sessions for guests be added into the database with their ip and last activity and if they try to do something every few seconds then block them?

Last edited by:

RedRum: Feb 7, 2002, 6:41 AM
Quote Reply
Re: [RedRum] Preventing abuse of scripts In reply to
Yes. This was implemented on the original GForum version 1, but was later taken out as people on fast connections were complaining that the forum was blocking them because they requested more than x amount of page per minute.

I'm the kind of person who opens each thread up in a new window, this means I could request say 7 pages in a few seconds which the server then blocked me. This is the reason I believe Alex took it out. :-\

- wil
Quote Reply
Re: [yogi] Preventing abuse of scripts In reply to
Don't know if this will help at all, but GT has added the Teleport spider exclusion in their robots.txt file...

http://www.gossamer-threads.com/robots.txt

I've added it myself and it has reduced the amount of unnecessary "spidering".
========================================
Buh Bye!

Cheers,
Me
Quote Reply
Re: [yogi] Preventing abuse of scripts In reply to
FWIW ... this only works with well behaved spiderers.... You can have Teleport Pro identify itself as MSIE, NN, or a custom signature.

When I "spider" sites with TP, I set it ti MSIE....


PUGDOG´┐Ż Enterprises, Inc.

The best way to contact me is to NOT use Email.
Please leave a PM here.
Quote Reply
Re: [Wil] Preventing abuse of scripts In reply to
When you're getting ten or so requests a second to try and cripple your server, and such a useful feature as banning multiple requests was taken out, to not even have it as an option to toggle on and off doesn't seem the brightest thing to do?

Jason
Quote Reply
Re: [wickedmoon] Preventing abuse of scripts In reply to
It was never a feature of Gossamer Forum, but rather a mod_perl handler we were playing with on Apache, totally separate.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] Preventing abuse of scripts In reply to
Thanks for clarifying that. Sorry if I caused any confusion to anyone by my lack of knowledge on this topic.

- wil