Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re: newb: Best way to protect CGI from non-form invocation?

by zeno (Friar)
on Feb 05, 2007 at 22:39 UTC ( #598440=note: print w/replies, xml ) Need Help??


in reply to newb: Best way to protect CGI from non-form invocation?

I recently read a blog entry on "The Coding Horror" (http://www.codinghorror.com/blog/archives/000712.html) in which the blogger (Jeff Atwood) explained that he had added an extremely low-tech captcha to his submission form-- the same jpg every time. He finds that for his purposes, this works-- it stops 99.9% of his comment spam in his blog, simply because there is a captcha.

Granted, it may not be the most sophisticated method, but why not try this before you shell out for a high-powered solution?

  • Comment on Re: newb: Best way to protect CGI from non-form invocation?

Replies are listed 'Best First'.
Re^2: newb: Best way to protect CGI from non-form invocation?
by JCHallgren (Sexton) on Feb 05, 2007 at 22:58 UTC
    Given that I'm using a website host that would seem to be quite flexible in what options I can have...to the point where they are WAY beyond my skills...back to one original point: Is there something that can be set EXTERNAL to my CGI that would prevent its execution when a POST buffer greater than 3K is passed to it? So that my CGI would never have to deal with data and also prevent DOS(?) attacks?
      You should probably take a look at this. It has a lot of helpful tips, along with answering your question in the first entry.
        It was AFTER reading that section/page that I came up with my question! So it did NOT answer it, but helped cause question...as I'm not using CGI:pm, for various reasons (which experts here will likely disagree with) that I could not see how it would handle my data in the way that I needed to...so need some info on what methods might work when not using the standard rountines, ok?

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://598440]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (3)
As of 2022-05-29 12:56 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you prefer to work remotely?



    Results (101 votes). Check out past polls.

    Notices?