2014-04-19 16:21 GMT+02:00 Andrea Pescetti <pesce...@apache.org>: > On 02/04/2014 Roberto Galoppini wrote: > >> softpedia.com ... passes traffic through our download redirector flow >> ... we can indeed redirect this traffic by referrer to a >> >> different landing page if one is provided. >> > > Can't we just serve a 403? It's their problem, not ours. It's not rude at > all, it's a way to protect our users: if we don't want that our unreleased > versions are purported for real releases, we need that users only access > them from a page on apache.org, on openoffice.org or e-mail until we > release them. > > So matching the HTTP referer and serving a 403 unless it comes from *. > apache.org , *.openoffice.org or is empty seems the best solution to me. > If we really want to be extra-polite, http://www.openoffice.org/ > download/devbuilds.html should be scary enough for casual users. >
We could take the chance to educate those users about which is the last available version, though. Reading Softpedia site it's clear they are not providing the end-user with a way to pick up 4.0.1 or 4.1 beta, and the title is just confusing "Apache OpenOffice.org 4.0.1 / 4.1.0 Beta". Our aim I believe it's to expand our userbase, redirecting them to an openoffice page explaining which are the options might be a good thing. Thoughts? > > Of course, if this is a manual operation that must be done when we enter > RC phase and undone after release, and only the SourceForge staff can do > that, then this becomes a bit complex. Or can the project members who have > access to the SourceForge area enable/disable the protection with no need > for external help? > So far regex-based redirect based on referral need to be managed by SiteOps, but I can make sure we get what we want. Roberto > > Regards, > Andrea. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org > For additional commands, e-mail: dev-h...@openoffice.apache.org > >