Yeah, we figured this out last night, finally. And yes, we have determined
a few of the sites that are pointing their search at us and will take
measures to deal with them.
My main goal was to keep anyone from doing it again, and the referral check
takes care of that.
Thanks for everyone's help on this issue.
Milo
At 09:07 AM 2/1/01 -0600, you wrote:
>Instead of checking the entire referrer, why don' you just check the domain
>it came from. Regardless of how you have your search set up, you should know
>what domain(s) the valid searches are coming from. Check the domain and send
>an error back if not coming from the correct place.
>
>In addition, find out who has pointed their search to your code and go after
>them. If you know thet these requests are coming from servers other than
>yours you should be able to easily determine where they are coming from.
>
>-----Original Message-----
>From: Milo D. Strawn [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, January 31, 2001 6:34 PM
>To: [EMAIL PROTECTED]
>Subject: RE: Protecting your code from theft
>
>
>I could probably verify the referrer, but I would only be able to do that
>after I knew that they had set up the search pages. What I really need is
>a way to keep anyone from doing it even if I don't know who they are or
>that they are trying to search using our templates.
>
>
>Thanks,
>Milo
>
>At 06:15 PM 1/31/01 -0600, you wrote:
>>Could you do something like verify the referer?
>>
>>-derek
>>
>>
>>-----Original Message-----
>>From: Milo D. Strawn [mailto:[EMAIL PROTECTED]]
>>Sent: Wednesday, January 31, 2001 6:10 PM
>>To: [EMAIL PROTECTED]
>>Subject: Protecting your code from theft
>>
>>
>>I have recently become aware that there are some websites out there that
>>are setting up search pages that are calling results templates on our
>>server. We obviously do not want this to happen. Apparently they found
>>our search pages, copied the code and made their own search pages.
>>
>>I have two questions, that may be pretty basic, but I have never run across
>>this problem before.
>>
>>1) How do you block your html pages from being able to view the source and
>>steal the code in the first place? Is there a meta tag or something that
>>will disallow the View Source option?
>>2) What is the best procedure for blocking someone from calling a template
>>on your server?
>>
>>Password protecting the site is not an option, as the searches are for
>>public information. So why, you say, do I want to block them. Because we
>>want and need control over where traffic is coming into our site.
>>
>>Again, this may be pretty simple and I may be overlooking the obvious here,
>>but I am in kind of a crunch on this problem.
>>
>>TIA for any help.
>>
>>Milo
>>
>>
>>
>>-------------------------------------------------------------------------
>>This email server is running an evaluation copy of the MailShield anti-
>>spam software. Please contact your email administrator if you have any
>>questions about this message. MailShield product info: www.mailshield.com
>>
>>-----------------------------------------------
>>To post, send email to [EMAIL PROTECTED]
>>To subscribe / unsubscribe: http://www.dfwcfug.org
>>
>>-------------------------------------------------------------------------
>>This email server is running an evaluation copy of the MailShield anti-
>>spam software. Please contact your email administrator if you have any
>>questions about this message. MailShield product info: www.mailshield.com
>>
>>-----------------------------------------------
>>To post, send email to [EMAIL PROTECTED]
>>To subscribe / unsubscribe: http://www.dfwcfug.org
>>
>
>-------------------------------------------------------------------------
>This email server is running an evaluation copy of the MailShield anti-
>spam software. Please contact your email administrator if you have any
>questions about this message. MailShield product info: www.mailshield.com
>
>-----------------------------------------------
>To post, send email to [EMAIL PROTECTED]
>To subscribe / unsubscribe: http://www.dfwcfug.org
>
>-------------------------------------------------------------------------
>This email server is running an evaluation copy of the MailShield anti-
>spam software. Please contact your email administrator if you have any
>questions about this message. MailShield product info: www.mailshield.com
>
>-----------------------------------------------
>To post, send email to [EMAIL PROTECTED]
>To subscribe / unsubscribe: http://www.dfwcfug.org
>
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
