Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

Re: newb: Best way to protect CGI from non-form invocation?

by zeno (Friar)
on Feb 05, 2007 at 22:39 UTC ( [id://598440]=note: print w/replies, xml ) Need Help??


in reply to newb: Best way to protect CGI from non-form invocation?

I recently read a blog entry on "The Coding Horror" (http://www.codinghorror.com/blog/archives/000712.html) in which the blogger (Jeff Atwood) explained that he had added an extremely low-tech captcha to his submission form-- the same jpg every time. He finds that for his purposes, this works-- it stops 99.9% of his comment spam in his blog, simply because there is a captcha.

Granted, it may not be the most sophisticated method, but why not try this before you shell out for a high-powered solution?

-- zeno - http://www.timallen.org
  • Comment on Re: newb: Best way to protect CGI from non-form invocation?

Replies are listed 'Best First'.
Re^2: newb: Best way to protect CGI from non-form invocation?
by JCHallgren (Sexton) on Feb 05, 2007 at 22:58 UTC
    Given that I'm using a website host that would seem to be quite flexible in what options I can have...to the point where they are WAY beyond my skills...back to one original point: Is there something that can be set EXTERNAL to my CGI that would prevent its execution when a POST buffer greater than 3K is passed to it? So that my CGI would never have to deal with data and also prevent DOS(?) attacks?
[reply]
      You should probably take a look at this. It has a lot of helpful tips, along with answering your question in the first entry.
      My Website
      Get Eated!
[reply]
        It was AFTER reading that section/page that I came up with my question! So it did NOT answer it, but helped cause question...as I'm not using CGI:pm, for various reasons (which experts here will likely disagree with) that I could not see how it would handle my data in the way that I needed to...so need some info on what methods might work when not using the standard rountines, ok?
[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://598440]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others about the Monastery: (4)
As of 2024-04-24 04:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found