Thanks for confirming that Ikai. Just a quick question, why append the IP address with time & date?
I assume it's to determine when the last time the given IP was inserted into the memcache? I.e. Key = "2010,06,30,12 - 127.0.0.1" However, how would you perform a lookup for the key in the memcache with IP == 127.0.0.1? I would have inserted the raw IP as the key which points to some object that encapsulates the time of last insertion; however, if there's a better way please correct me ;) On Jun 30, 8:38 pm, "Ikai L (Google)" <ika...@google.com> wrote: > Yes, I have used your technique in the past. For the key, however, I've used > this as the key: > > (Pseudocode): > > strftime("%Y %m %d %h") + ipaddress > > Memcache uses LRU to expire elements, so once the hour passes, the key will > be quickly expired as it falls off the end of the list. > > > > > > On Wed, Jun 30, 2010 at 8:50 AM, mscwd01 <mscw...@gmail.com> wrote: > > Thanks for replying. > > > First question, how would sharding counters be useful for limiting > > people's requests? > > > Secondly, the request cannot be interrupted by a captcha as the > > request wont be done in a browser and needs to be automatic - either > > it succeeds or fails. > > > Any other ideas? > > > More importantly, could the memcache idea I mentioned previously work > > well enough for this? > > > On Jun 29, 5:34 am, Benjamin <bsaut...@gmail.com> wrote: > > > It's funny, i can't think of a better way to stop the abuse but i can > > > think of a 100 ways to abuse it. I hate getting stuck in one of those > > > spy vs spy - measure vs counter measure situations so i'm sympathetic > > > to the challenge. > > > > Maybe you could randomly redirect a user to one of those "prove your > > > human by entering these garbled looking words that only a human can > > > read" tests. Like, one in every 100 clicks or so a user gets a random > > > test they have to prove they are human before continuing on. > > > > Anyway, that's my 12:30 am $0.02. good luck. > > > > - Ben > > > > On Jun 28, 7:17 am, mscwd01 <mscw...@gmail.com> wrote: > > > > > I assume my idea was the best anyone can come up with? > > > > > On Jun 27, 10:27 am, mscwd01 <mscw...@gmail.com> wrote: > > > > > > Hey, > > > > > > I am developing an app which "awards" users for visiting a specific > > > > > link. However, I want to ensure this is not abused by people writing > > > > > scripts to visit the link rather than manually viewing it. > > > > > > Is there a way to check how many times a specific IP address has > > > > > accessed your application within the last minute and deny access if > > > > > the visit count is higher than, say, 20. > > > > > > I guess I could use the memcache to insert the users IP (if they have > > > > > not visited before), then on each subsequent visit check if the IP > > > > > exists and if so increment the visit count. However, will this work > > if > > > > > you have thousands of concurrent users? > > > > > > Is there a better way? > > > > > > Many thanks > > > -- > > You received this message because you are subscribed to the Google Groups > > "Google App Engine for Java" group. > > To post to this group, send email to > > google-appengine-j...@googlegroups.com. > > To unsubscribe from this group, send email to > > google-appengine-java+unsubscr...@googlegroups.com<google-appengine-java%2B > > unsubscr...@googlegroups.com> > > . > > For more options, visit this group at > >http://groups.google.com/group/google-appengine-java?hl=en. > > -- > Ikai Lan > Developer Programs Engineer, Google App Engine > Blog:http://googleappengine.blogspot.com > Twitter:http://twitter.com/app_engine > Reddit:http://www.reddit.com/r/appengine -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.