WebApp Sec mailing list archives
Re: Combatting automated download of dynamic websites?
From: Michael Boman <michael.boman () gmail com>
Date: Tue, 30 Aug 2005 23:53:34 +0800
On 8/30/05, Matthijs R. Koot <matthijs () koot biz> wrote:
Thanks for your reply zeno! But actually, referer-based anti leeching won't do it for me and mod_throttle isn't suitable for Apache 2. I'm in need of a throttling function based on something more advanced like a 'request history stack' to check the order in which pages were requested, probably within a certain time period, et cetera. Maybe it'd be better to move such security measures into the actual web application itself, but I'm still hoping someone knows of a service-based solution (i.e. like the beforementioned Apache module). Matthijs
How about placing a hidden link (around a 1x1 transparent pixel), and get anyone who "clicks" on it banned? Best regards Michael Boman -- IT Security Researcher & Developer http://proxy.11a.nu
Current thread:
- Combatting automated download of dynamic websites? Matthijs R. Koot (Aug 29)
- Re: Combatting automated download of dynamic websites? Jayson Anderson (Aug 29)
- Re: Combatting automated download of dynamic websites? Serg Belokamen (Aug 29)
- Re: Combatting automated download of dynamic websites? bugtraq (Aug 29)
- Re: Combatting automated download of dynamic websites? Matthijs R. Koot (Aug 29)
- Re: Combatting automated download of dynamic websites? Javier Fernandez-Sanguino (Aug 30)
- Re: Combatting automated download of dynamic websites? Eoin Keary (Aug 31)
- Re: Combatting automated download of dynamic websites? Javier Fernandez-Sanguino (Sep 05)
- Re: Combatting automated download of dynamic websites? Matthijs R. Koot (Aug 29)
- Re: Combatting automated download of dynamic websites? Michael Boman (Aug 30)
- Re: Combatting automated download of dynamic websites? Paul M. (Sep 05)
- Re: Combatting automated download of dynamic websites? Eoin Keary (Sep 07)
- Re: Combatting automated download of dynamic websites? Jayson Anderson (Aug 29)
- <Possible follow-ups>
- Re: Combatting automated download of dynamic websites? Tony Stahler (Aug 30)
- Message not available
- Fwd: Combatting automated download of dynamic websites? Mark Quinn (Aug 31)
- Message not available