Gossamer Forum
Home : Products : Gossamer Links : Discussions :

Remote sites using jump.cgi

Quote Reply
Remote sites using jump.cgi
I've just found a site that has quite a few of my links listed as http://domain.com/cgi-bin/jump.cgi?ID=xxx. When users click on the link they don't even know that my site is involved. I'm providing the maintenance/link checking and getting none of the credit Mad.

I've searched the forums looking for a way to prevent "hotlinking" of jump.cgi for want of a better word. I found a code snippet to add to the file but can't find it again. If anyone knows how to prevent linking via jump.cgi I would be interested to know how it is done.
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
So you are looking for some way to stop hotlinking of your jump.cgi? Should be quite simple... just modify something at the top of jump.cgi, so it has something like;

Code:
if ($ENV{HTTP_REFERER} !~ /\Qyoursite.com/i) {
print $IN->header();
print Links::SiteHTML::display('error', { error => 'No access' });
exit;
}

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!

Last edited by:

Andy: May 17, 2004, 2:46 AM
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Thanks for the suggestion Andy. It's throwing up a server error at the moment, which may be due to me editing the file via a web interface. I'm assuming this code snippet will work for domain.com with and without the www?
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Sorry, my boo boo. Forgot to print the header :) I've modified the above version so it now has print $IN->header() .. should work now :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Still no joy Andy, although editing via the web is always dodgy Unsure. I'll have a bit of a play with this code and see if I can get it working (I'm working on a copy called jump2.cgi so the server errors don't worry my visitors).

I added the code above after the lines beginning with '#' - is that where it would go (sorry for all the questions but I'm more at home with PHP).
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Can you paste where you put it? I would suggest putting it after the;

Code:
Links::user_init()

...part, as then all the variables etc are available to you :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Andy, here is where I have it (new code in red). I am getting 'premature end of script headers' errors in my log so that's why I think it is an editing problem at my end.

Code:
Links::init('/home/aglinks/public_html/cgi-bin/admin');
Links::init_user();

if ($ENV{HTTP_REFERER} !~ /\Qdomain.com/i) {
print $IN->header();
print Links::SiteHTML::display('error', { error => 'No access' });
exit;
}


if (GT::Plugins->dispatch ($CFG->{admin_root_path} . '/Plugins', 'check_request', \&Links::check_request)) {
GT::Plugins->dispatch ($CFG->{admin_root_path} . '/Plugins', 'handle_jump', \&Links::User::Jump::handle);
}
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
If you add this just before the part in red, do you get an actual error message?

Code:
use CGI::Carp qw(fatalsToBrowser);

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
The plot thickens Wink
Code:
Global symbol "$IN" requires explicit package name at jump2.cgi line 26.
Execution of jump2.cgi aborted due to compilation errors.
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Ok, I would take that out then, and I'll get a simple plugin made up for you. Probably easier, and it means you don't need to make mods to the main codes :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Thanks Andy, very kind of you Wink.
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Give the attached plugin a go :) I just tried it on my site, and it lets you through fine if the hit is coming from your site, and gives an error if it doesn't come from your site. Please note, this is a very basic plugin, and you have to edit the /admin/Plugins/Check_Jump_Referer.pm file, and replace ultranerds.com with your appropriate URL :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Thanks for the plugin Andy. Now I get the 'no access' error regardless of where the jump.cgi is accessed from!

There could be something else in my installation that is affecting it so it may be harder to implement than I first thought.
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Did you edit the URL in the .pm file?

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Yes, I tried domain.com with and without www too :(.
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Mmm... are you using mod_perl? (it may be caching the old version). Couple of things to try;

After (in the .pm file);

Code:
my (@args) = @_;

... put;

Code:
print $IN->header();
print "Referer: " . $ENV{'HTTP_REFERER'};
exit;

What does it show now when you click on a link?

I'm off on lunch now.... back in a bit (just so you know I havn't abandoned you Tongue)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Remote sites using jump.cgi In reply to
Andy, we have made some progress!

I pasted that code and the referrer printed nothing. I poked around on the computer I am using (I am away from the office) and it has Norton Internet Security running in the background. Once it was disabled your plugin worked fine (and probably the original code too).

I am just beginning to realise that Norton Internet Security is not a great program and can be quite limiting for users that have it installed. I may have to add some info to my site to let users know why they might be experiencing problems (some of the ad content gets blocked by it too).

Thanks for your thorough investigation as always Andy Wink.

Last edited by:

aus_dave: May 17, 2004, 5:19 AM
Quote Reply
Re: [aus_dave] Remote sites using jump.cgi In reply to
Ah, I guess thats because it blocks some data (although the HTTP_REFERER should be defined by the server itself)... but if it works when Norton is turned off, I guess it has something to do with that. Glad you worked it out though :)

Quote:
Thanks for your thorough investigation as always Andy .

No prob :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!