Application.cfc question: Where would be the best place to put this code?
Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww.north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306951 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Application.cfc question: Where would be the best place to put this code?
That would be the most logical place to put it. I'm not sure that a cfabort is the best bet though. Why not simply use a regex and just strip out the offending portion of the query string? Start with http and remove that, and everything after it. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:15 AM To: CF-Talk Subject: Application.cfc question: Where would be the best place to put this code? Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww.north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306952 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Application.cfc question: Where would be the best place to put this code?
OnRequestStart would seem to be a good place for it. You might also override the Session timeout (if you're using sessions) so that these spam requests don't create a large number of dead sessions. You can set the timeout to 5 seconds or something before you do the redirect. Regards, Brian On Fri, Jun 6, 2008 at 9:14 AM, Che Vilnonis [EMAIL PROTECTED] wrote: Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww.north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306953 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Application.cfc question: Where would be the best place to put this code?
Basically, I am trying to prevent auto generated 'error' emails from being sent to me 200+ times a day. What would the regex do? If I strip out the offending string, it will likely still be invalid and cause an error to be created. Good point on the cfabort though. Regards, Che -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:17 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? That would be the most logical place to put it. I'm not sure that a cfabort is the best bet though. Why not simply use a regex and just strip out the offending portion of the query string? Start with http and remove that, and everything after it. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:15 AM To: CF-Talk Subject: Application.cfc question: Where would be the best place to put this code? Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww.north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306955 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Application.cfc question: Where would be the best place to put this code?
Brian, w/regards to resetting the session timeout, would this work? cfif cgi.query_string contains http://; cfset session.urltoken = cflocation url=http://www.mydomain.com; /cfif Regards, Che -Original Message- From: Brian Kotek [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:18 AM To: CF-Talk Subject: Re: Application.cfc question: Where would be the best place to put this code? OnRequestStart would seem to be a good place for it. You might also override the Session timeout (if you're using sessions) so that these spam requests don't create a large number of dead sessions. You can set the timeout to 5 seconds or something before you do the redirect. Regards, Brian On Fri, Jun 6, 2008 at 9:14 AM, Che Vilnonis [EMAIL PROTECTED] wrote: Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww .north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306956 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Application.cfc question: Where would be the best place to put this code?
Well, the spammers had to get your page from somewhere...the page is likely only invalid because they're tacking on extra query params right? So removing the offending params might allow a valid request to get through. Remember that it's always possible that a legitimate person could have clicked a spammed link to get to your site. Why kill that legit request when you don't have to? -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:24 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Basically, I am trying to prevent auto generated 'error' emails from being sent to me 200+ times a day. What would the regex do? If I strip out the offending string, it will likely still be invalid and cause an error to be created. Good point on the cfabort though. Regards, Che -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:17 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? That would be the most logical place to put it. I'm not sure that a cfabort is the best bet though. Why not simply use a regex and just strip out the offending portion of the query string? Start with http and remove that, and everything after it. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:15 AM To: CF-Talk Subject: Application.cfc question: Where would be the best place to put this code? Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww.north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306958 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Application.cfc question: Where would be the best place to put this code?
OK. If I were to use a regex, should I still place the code in onRequestStart and use a re-direct with cflocation? -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:44 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Well, the spammers had to get your page from somewhere...the page is likely only invalid because they're tacking on extra query params right? So removing the offending params might allow a valid request to get through. Remember that it's always possible that a legitimate person could have clicked a spammed link to get to your site. Why kill that legit request when you don't have to? -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:24 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Basically, I am trying to prevent auto generated 'error' emails from being sent to me 200+ times a day. What would the regex do? If I strip out the offending string, it will likely still be invalid and cause an error to be created. Good point on the cfabort though. Regards, Che ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306960 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Application.cfc question: Where would be the best place to put this code?
You could just set this.sessionTimeOut, but on further thought if you just redirect them to the home page then they'll just start a new session there. Maybe a better option (if you're sure these are spammers) is just to abort the request and be done with it? On Fri, Jun 6, 2008 at 9:30 AM, Che Vilnonis [EMAIL PROTECTED] wrote: Brian, w/regards to resetting the session timeout, would this work? cfif cgi.query_string contains http://; cfset session.urltoken = cflocation url=http://www.mydomain.com; /cfif Regards, Che -Original Message- From: Brian Kotek [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:18 AM To: CF-Talk Subject: Re: Application.cfc question: Where would be the best place to put this code? OnRequestStart would seem to be a good place for it. You might also override the Session timeout (if you're using sessions) so that these spam requests don't create a large number of dead sessions. You can set the timeout to 5 seconds or something before you do the redirect. Regards, Brian On Fri, Jun 6, 2008 at 9:14 AM, Che Vilnonis [EMAIL PROTECTED] wrote: Losers are hammering my site with spam in the urls. The first line is what my url should look like. The second line is what I am getting from the spammers. http://www.mydomain.com/index.cfm?type=Specialtyspec=110 http://www.mydomain.com/index.cfm?type=Specialtyspec=http%3A%2F%2Fwww .north fans.ch%2Fforum%2Fadmin%2Fsettings%2Focoyo%2Fser%2F If I were to use the following code in Application.cfc, which function would be the best place to put it? Right now, I was thinking of placing it in onRequestStart. Any better ideas? The code would be simple an something like this: cfif cgi.query_string contains http://; cflocation url=http://www.mydomain.com; cfabort /cfif ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306957 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Application.cfc question: Where would be the best place to put this code?
That makes sense to me. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:54 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? OK. If I were to use a regex, should I still place the code in onRequestStart and use a re-direct with cflocation? -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:44 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Well, the spammers had to get your page from somewhere...the page is likely only invalid because they're tacking on extra query params right? So removing the offending params might allow a valid request to get through. Remember that it's always possible that a legitimate person could have clicked a spammed link to get to your site. Why kill that legit request when you don't have to? -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:24 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Basically, I am trying to prevent auto generated 'error' emails from being sent to me 200+ times a day. What would the regex do? If I strip out the offending string, it will likely still be invalid and cause an error to be created. Good point on the cfabort though. Regards, Che ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306962 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Application.cfc question: Where would be the best place to put this code?
OK. This is interesting. If I place the simple test code below in onRequestStart, I am *not* re-directed and I still get the error email and the error page displayed when a link like the one below is clicked. Why might this be happening? Is the error being processed first? onRequestStart always fires before onError, right? http://www.mydomain.com/index.cfm?type=selectModelmakeid=http%3A%2F%2Frabot nitsa.ru%2Fjoomla__%2Fadministrator%2Fbackups%2Farim%2Fzaf%2F cfif cgi.query_string contains http://; cflocation url=index.cfm /cfif -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:58 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? That makes sense to me. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:54 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? OK. If I were to use a regex, should I still place the code in onRequestStart and use a re-direct with cflocation? -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:44 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Well, the spammers had to get your page from somewhere...the page is likely only invalid because they're tacking on extra query params right? So removing the offending params might allow a valid request to get through. Remember that it's always possible that a legitimate person could have clicked a spammed link to get to your site. Why kill that legit request when you don't have to? ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306963 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Application.cfc question: Where would be the best place to put this code?
Oops. Fixed it. Needed to add urldecode() to my conditional. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 10:12 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? OK. This is interesting. If I place the simple test code below in onRequestStart, I am *not* re-directed and I still get the error email and the error page displayed when a link like the one below is clicked. Why might this be happening? Is the error being processed first? onRequestStart always fires before onError, right? http://www.mydomain.com/index.cfm?type=selectModelmakeid=http%3A%2F%2Frabot nitsa.ru%2Fjoomla__%2Fadministrator%2Fbackups%2Farim%2Fzaf%2F cfif cgi.query_string contains http://; cflocation url=index.cfm /cfif -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:58 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? That makes sense to me. -Original Message- From: Che Vilnonis [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 8:54 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? OK. If I were to use a regex, should I still place the code in onRequestStart and use a re-direct with cflocation? -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 9:44 AM To: CF-Talk Subject: RE: Application.cfc question: Where would be the best place to put this code? Well, the spammers had to get your page from somewhere...the page is likely only invalid because they're tacking on extra query params right? So removing the offending params might allow a valid request to get through. Remember that it's always possible that a legitimate person could have clicked a spammed link to get to your site. Why kill that legit request when you don't have to? ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:306967 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
