May 26, 2002 11:03 AM
To: Scot Robnett
Cc: Sebastian Nerz; [EMAIL PROTECTED]
Subject: Re: Checking who called a cgi-script
On Saturday, May 25, 2002, at 08:18 , Scot Robnett wrote:
> # Compare the referer against your "good list"
> for $domain(@good_domains) {
>
Hy,
drieux schrieb:
>
> On Saturday, May 25, 2002, at 08:18 , Scot Robnett wrote:
>
<..>
>
> my @good_domains = qw/domain1.com theIpAddrFor_domain1.com
> www.domain1.com theIpAddrFor_www.domain1.com
> domain2.com
On Saturday, May 25, 2002, at 08:18 , Scot Robnett wrote:
> # Compare the referer against your "good list"
> for $domain(@good_domains) {
> if ($domain = $referer) { # If the referer matches a
> $good_one = "success"; # domain in your list, set
> last; # $good_one
good_one ne "success") {
print "Content-type: text/html\n\n";
print <mailto:[EMAIL PROTECTED]]
Sent: Saturday, May 25, 2002 8:48 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Checking who called a cgi-script
Hy,
inSite Internet Solutions schrieb:
>
&g
Hy,
inSite Internet Solutions schrieb:
>
> I usually do a combination of things.
>
> * You can check domains, but they can be spoofed,
> so that in itself is not a cure. It's a start.
How can I check this?
>
> * Does the site have a static IP? You can set
>
I usually do a combination of things.
* You can check domains, but they can be spoofed,
so that in itself is not a cure. It's a start.
* Does the site have a static IP? You can set
the script only to run if called from that IP.
Once again 'spoofabl
