Thanks for confirming that Ikai. Just a quick question, why append the
IP address with time & date?
I assume it's to determine when the last time the given IP was
inserted into the memcache?
I.e.
Key = "2010,06,30,12 - 127.0.0.1"
However, how would you perform a lookup for the key in the memcache
with IP == 127.0.0.1?
I would have inserted the raw IP as the key which points to some
object that encapsulates the time of last insertion; however, if
there's a better way please correct me ;)
On Jun 30, 8:38 pm, "Ikai L (Google)" <ika...@google.com> wrote:
> Yes, I have used your technique in the past. For the key, however, I've used
> this as the key:
>
> (Pseudocode):
>
> strftime("%Y %m %d %h") + ipaddress
>
> Memcache uses LRU to expire elements, so once the hour passes, the key will
> be quickly expired as it falls off the end of the list.
>
>
>
>
>
> On Wed, Jun 30, 2010 at 8:50 AM, mscwd01 <mscw...@gmail.com> wrote:
> > Thanks for replying.
>
> > First question, how would sharding counters be useful for limiting
> > people's requests?
>
> > Secondly, the request cannot be interrupted by a captcha as the
> > request wont be done in a browser and needs to be automatic - either
> > it succeeds or fails.
>
> > Any other ideas?
>
> > More importantly, could the memcache idea I mentioned previously work
> > well enough for this?
>
> > On Jun 29, 5:34 am, Benjamin <bsaut...@gmail.com> wrote:
> > > It's funny, i can't think of a better way to stop the abuse but i can
> > > think of a 100 ways to abuse it. I hate getting stuck in one of those
> > > spy vs spy - measure vs counter measure situations so i'm sympathetic
> > > to the challenge.
>
> > > Maybe you could randomly redirect a user to one of those "prove your
> > > human by entering these garbled looking words that only a human can
> > > read" tests. Like, one in every 100 clicks or so a user gets a random
> > > test they have to prove they are human before continuing on.
>
> > > Anyway, that's my 12:30 am $0.02. good luck.
>
> > > - Ben
>
> > > On Jun 28, 7:17 am, mscwd01 <mscw...@gmail.com> wrote:
>
> > > > I assume my idea was the best anyone can come up with?
>
> > > > On Jun 27, 10:27 am, mscwd01 <mscw...@gmail.com> wrote:
>
> > > > > Hey,
>
> > > > > I am developing an app which "awards" users for visiting a specific
> > > > > link. However, I want to ensure this is not abused by people writing
> > > > > scripts to visit the link rather than manually viewing it.
>
> > > > > Is there a way to check how many times a specific IP address has
> > > > > accessed your application within the last minute and deny access if
> > > > > the visit count is higher than, say, 20.
>
> > > > > I guess I could use the memcache to insert the users IP (if they have
> > > > > not visited before), then on each subsequent visit check if the IP
> > > > > exists and if so increment the visit count. However, will this work
> > if
> > > > > you have thousands of concurrent users?
>
> > > > > Is there a better way?
>
> > > > > Many thanks
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google App Engine for Java" group.
> > To post to this group, send email to
> > google-appengine-j...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > google-appengine-java+unsubscr...@googlegroups.com<google-appengine-java%2B
> > unsubscr...@googlegroups.com>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/google-appengine-java?hl=en.
>
> --
> Ikai Lan
> Developer Programs Engineer, Google App Engine
> Blog:http://googleappengine.blogspot.com
> Twitter:http://twitter.com/app_engine
> Reddit:http://www.reddit.com/r/appengine
--
You received this message because you are subscribed to the Google Groups
"Google App Engine for Java" group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine-java?hl=en.
