| Hi, Helen, On May 26, 2006, at 11:41 AM, Helen He wrote: Hi, All: Three things come immediately to mind if this production app is on the Internet and not an Intranet app: * surfers * spiders * hackers SURFERS: Although this is probably contributing the smallest number of hits to your site (if any at all), the response is the same as the first step for dealing with the other two, so I'll list it first. I would suggest, as a regular practice, that you set up your web site so that the first page displayed as people come to your site is a simple static HTML page describing what they will find there with a link to your WO app's main page. I haven't seen (or looked for) any statistics on this recently, but several years ago I remember reading that about 95% of hits to a typical web site are only to the first page. The surfer takes a quick look for whatever reasons and goes somewhere else. Their doing so, however, would leave a session created in your app if your main page is the home page of the site. SPIDERS: This is probably causing the large majority (if not all) of your session creations. Spiders are applications used by legitimate search companies (e.g. Google, Yahoo, etc.) to scan the web for new pages that they can index for their search engines. For advice on how to keep these from creating sessions, you can Google for "search robot txt" or just go here for a start: You will need to create a file named "robots.txt" in the root of your web server documents directory. In it, you can specify the rules that you would like legitimate robots to follow while transiting your site. You can easily keep them away from any dynamic content if you wish. By Googling on the words I listed above, I'm sure you will easily find several sites that provide the syntax and rules for such a "robots.txt" file. HACKERS: I have trouble keeping up with the latest terminology to describe these people, so use "Hackers", "Crackers", "Black hats", "Script kiddies" or whatever you want to call them. In any case, I'm talking about people who use programs or scripts to scan the Internet looking for security holes in networks. From glancing through more than a few network log files, most of this activity is directed toward a specific IP/port combination (e.g. "http://105.33.14.27:80") rather than a domain name or WO type URL (e.g. "http://www.mysite.com/cgi-bin/WebObjects/MyApp"). You would be amazed at the normal day-to-day flood of such traffic on an exposed IP address (i.e. one that is not protected by a firewall). The best way to control this traffic, of course, is through a well tuned firewall, but that won't stop those that are aimed at port 80 (the http service port). However, the suggestion for surfers, above, will considerably reduce session creation from this source as well. Regards, Jerry
-- __ Jerry W. Walker, WebObjects Developer/Instructor for High Performance Industrial Strength Internet Enabled Systems jerrywwalker@gee-em-aye-eye-ell.com 203 278-4085 office |
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [email protected]
