[JaxPM] wget, etc...

JONES, WILLIAM C wcjones at exchange.fccj.org
Fri Aug 3 07:33:29 CDT 2001 

On the jacksonville-pm-list; Jax.PM'er "JONES, WILLIAM C" <wcjones at exchange.fccj.org> wrote -

Hmmm...

A 'Web Suck'  is easily detected and blocked...  But I would have to
'upgrade' to a heavier algorythm like yhe following (this set just sends
notifications - but you get the idea) --

Inside httpd.conf, use:

# Send Sneex (bill at fccj.org) e-mail when 'events' occur...
<Location />
    PerlLogHandler Apache::LogMail
    PerlSetVar     LogMailto  bill at fccj.org
#    PerlSetVar     LogPattern \.(cgi|html|shtml|txt)$
    PerlSetVar     LogPattern \.(cgi)$
</Location>

The Apache::LogMail script ('borrowed' from Lincoln and Doug's "Writing
Apache Modules using Perl and C" book)  --

package Apache::LogMail; 
# File: Apache/LogMail.pm 

use strict; 
use Apache::Constants qw(:common); 

sub handler { 
    my $r = shift; 

    my $mailto = $r->dir_config('LogMailto'); 
    return DECLINED unless $mailto; 

    my $filepattern = $r->dir_config('LogPattern'); 
    return DECLINED if $filepattern 
       && $r->filename !~ /$filepattern/; 

    my $request = $r->the_request; 
    my $uri     = $r->uri; 
    my $agent   = $r->header_in("User-agent"); 
    my $bytes   = $r->bytes_sent; 
    my $remote  = $r->get_remote_host; 
    my $status  = $r->status_line; 
    my $date    = localtime; 

    my $server_name = $r->get_server_name; 

    my $from = $r->server->server_admin || "webmaster"; 
    local $ENV{PATH}; #keep -T happy 
    unless (open MAIL, "|/usr/lib/sendmail -oi -t") { 
        $r->log_error("Couldn't open mail: $!"); 
        return DECLINED; 
    } 

    print MAIL <<END; 
To: $mailto 
From: mod_perl httpd <$from> 
Subject: Somebody looked at $uri 

For FCCJ Virtual WWW Server: $server_name 

At $date, a user at $remote looked at 
$uri using the $agent browser.  

The request was $request, 
which resulted returned a code of $status.  

$bytes bytes were transferred. 
END 

    close MAIL; 
    return OK; 
} 

1; 
__END__ 
  

It would be trivial to detect nate trying to scam on all the cool parts of a
web site and BLOCK him -- the side effect would be he could get around it by
going very SLOWLY -- which sort of defeats the purpose...

Sx  :)


 


-----Original Message-----
From: Nate Campi
To: JONES, WILLIAM C
Cc: 'jacksonville-pm-list at hfb.pm.org'
Sent: 8/3/2001 1:42 AM
Subject: Re: [JaxPM] wget, etc...

Bill,

mod_rewrite your way around this:
(granted this is a painful way to do it, but I don't need pics, and I
could easily script in sh to follow links and get them with netcat, 
not to mention *gasp* perl)

[nate at monkey:nate]$ nc -v -v ora.sunhelp.org 80
ohno.mrbill.net [207.200.6.75] 80 (www) open
GET /index.html HTTP/1.1
Host: ora.sunhelp.org

Jax.PM Moderator's Note:
This message was posted to the Jacksonville Perl Monger's Group listserv.
The group manager can be reached at -- owner-jacksonville-pm-list at pm.org
to whom send all praises, complaints, or comments...

More information about the Jacksonville-pm mailing list