>>I was hoping to find an elegant solution that stored the Ips in the
application scope for the length of the session timeout and then gracefully
removed the banned Ips once the session timed out.
How about doing this:
- Create a server scope array or list (if you have several sites), or
just in the application scope.
- add to the array any banned IP,
- delete the first element in the array (the oldest), if its length is
over a certain maximum
based on the idea that
the bot is probably operating from an innocent infected PC and will
not be a threat for months, so it is not useful to memorize banned
addresses
for ever.
- the length of the array you will keep depends on the amount of attacks
you are receiving each day,
about 100 or so sounds reasonable.
- In your application.cfm, simply check if cgi.REMOTE_ADDR is in the
list of banned addresses
and CFABORT if yes.
--
_______________________________________
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;203748912;27390454;j
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310364
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
