>> Claude, could you possibly share your code that stores the bad IP addresses
>> for a period of time to prevent these useless http requests? Thanks, CV.
Well, I'd be happy to, but it is a rather complete and complicated system.
It works for all sites/domains on the CF server, uses a database, and is
mainly oriented toward eliminating bad and unwanted bots. The spam and SQL
injection detection is only a small part of it.
I can give you this part of the code, which detects illegal URL parameters.
The idea is simply to:
1. detect if a URL parameter is invalid and,
2. if yes, check if there is anything evil in it.
In the first case, the request is simply ignored; in the second case,
the IP is banned.
This code will check if the parameter id is a numeric value:
<!--- val() returns 0 for anything that is not a number, so a zero result
      means the id parameter is not the numeric value this page expects --->
<CFIF val(id) EQ 0
      AND (id CONTAINS "http"
           OR id CONTAINS "user"
           OR id CONTAINS "declare"
           OR id CONTAINS "exec")>
    <!--- ... ban this IP address (site-specific ban code goes here) --->
    <CFABORT>
<CFELSE>
    <!--- normalise id to a plain number before it reaches any query --->
    <CFSET id = val(id)>
</CFIF>
You may include this code in any page depending on some numeric parameter,
or better: make it a custom tag or CFC.
For text parameters, like page names, etc., I simply use:
<CFIF pTexte CONTAINS "http"
      OR pTexte CONTAINS "user"
      OR pTexte CONTAINS "declare"
      OR pTexte CONTAINS "exec">
    <!--- ... ban this IP address, as in the numeric case --->
    <CFABORT>
</CFIF>
For text fields in forms filled by users, a more precise analysis would
be needed, but I have none of these on my sites. No one can enter anything
if he is not registered.
--
_______________________________________
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.
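The two-step rule described in the message above (reject a non-numeric id, and ban only when the rejected value also carries one of the four tokens) packaged as reusable functions in a single ColdFusion 8-era page. This is an added example, not the poster's code: the function names isValidId, looksHostile and classify, the constructed sample values, the url.id usage and the ban placeholder are all assumptions.

```cfml
<!--- guard_id.cfm: an added example, not the code from the post above.
      It packages the post's two-step rule (reject non-numeric ids, ban only
      when the value also carries a known attack token) as functions a page,
      custom tag or CFC can reuse. The names isValidId/looksHostile/classify,
      the sample values and the ban placeholder are assumptions. --->

<!--- Tokens the post treats as attack markers, as one case-insensitive regex.
      This is a blacklist, so it only ever catches these four strings; the
      whitelist test in isValidId is what actually keeps a query safe. --->
<CFSET hostilePattern = "(http|user|declare|exec)">

<CFFUNCTION name="isValidId" returntype="boolean" output="false"
            hint="Whitelist check: true only for a positive whole number.">
    <CFARGUMENT name="value" type="string" required="true">
    <!--- isValid('integer') rejects decimals and letters; the val() GT 0 test
          additionally rejects '0' and negative numbers. --->
    <CFRETURN isValid("integer", arguments.value) AND val(arguments.value) GT 0>
</CFFUNCTION>

<CFFUNCTION name="looksHostile" returntype="boolean" output="false"
            hint="Blacklist check: true if the value contains a known attack token.">
    <CFARGUMENT name="value" type="string" required="true">
    <CFRETURN reFindNoCase(hostilePattern, arguments.value) GT 0>
</CFFUNCTION>

<CFFUNCTION name="classify" returntype="string" output="false"
            hint="Returns 'ok', 'ignore' or 'ban' following the rule in the post.">
    <CFARGUMENT name="value" type="string" required="true">
    <CFIF isValidId(arguments.value)>
        <CFRETURN "ok">
    <CFELSEIF looksHostile(arguments.value)>
        <!--- invalid AND carries an attack token: the post bans the IP --->
        <CFRETURN "ban">
    <CFELSE>
        <!--- invalid but harmless-looking: the post just ignores the request --->
        <CFRETURN "ignore">
    </CFIF>
</CFFUNCTION>

<!--- Constructed sample values, so the page shows every branch without a real request.
      Expected: 42 ok, 42abc ignore, 0 ignore, -7 ignore, the last two ban. --->
<CFSET samples = ["42", "42abc", "0", "-7", "exec something", "http://example.invalid/"]>
<CFOUTPUT>
<CFLOOP array="#samples#" index="s">
    <!--- HTMLEditFormat so a hostile value is never echoed back unescaped --->
    #HTMLEditFormat(s)# : #classify(s)#<br>
</CFLOOP>
</CFOUTPUT>

<!--- How a real page would use it: url.id comes from the query string --->
<CFPARAM name="url.id" default="">
<CFSET verdict = classify(url.id)>
<CFIF verdict EQ "ban">
    <!--- call the site's own ban routine here (placeholder, not included) --->
    <CFABORT>
<CFELSEIF verdict EQ "ignore">
    <CFABORT>
</CFIF>
<CFSET id = val(url.id)>
<!--- id is now a known positive integer; pass it to <CFQUERY> through
      <CFQUERYPARAM value="#id#" cfsqltype="cf_sql_integer"> rather than
      interpolating it into the SQL text --->
```

The point of the split into isValidId and looksHostile is that the positive check does the protecting: any value that is not a positive integer is refused before it can reach a query, whether or not it contains one of the four listed tokens. The token list only decides what to do with a refused request (log and ban versus silently drop), so a request that evades the list still gets no further than the abort. Passing the validated id through CFQUERYPARAM with cf_sql_integer keeps the database boundary typed even if the validation is later loosened.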
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310360