Firewall monitor for SMF code itself – Restricting Mod modules talking to WEB

Started by Kiriakos GR, March 19, 2019, 08:34:16 AM

Previous topic - Next topic

Sesquipedalian

Quote from: GigaWatt on March 31, 2019, 05:46:49 PM
Certain parties would like to keep their site a secret (I know a few), in which case they can just use htaccess to block anyone without an adequate username and password from accessing their site.

Or more simply...

Quote from: Arantor on March 30, 2019, 04:03:11 PM
disable guest access
I promise you nothing.

Sesqu... Sesqui... what?
Sesquipedalian, the best word in the English language.

njtweb

Quote from: Sesquipedalian on March 31, 2019, 03:44:07 PM
Quote from: njtweb on March 31, 2019, 10:01:23 AM
I'm confused, why would anybody NOT want bots visiting their site? It's how they get indexed?

You feel confused because, although Kiriakos GR believes his request makes sense, in fact it is nonsensical. He is fundamentally asking for public data to somehow not be public and yet still be public.

LOL, that was great!


Sesquipedalian

I promise you nothing.

Sesqu... Sesqui... what?
Sesquipedalian, the best word in the English language.


Arantor

He just doesn't want it hard enough, otherwise he could pay a professional services company to implement it.

Doug Heffernan

Quote from: Arantor on April 02, 2019, 10:44:34 AM
He just doesn't want it hard enough, otherwise he could pay a professional services company to implement it.

I have a hunch that he needs it, but wants it for free.

GigaWatt

Quote from: Sesquipedalian on March 31, 2019, 07:39:40 PM
Or more simply...

Quote from: Arantor on March 30, 2019, 04:03:11 PM
disable guest access

Most of the parties I mentioned in my previous post wouldn't like anyone to know that that site exists. Only people with the link and credentials can access the site. And they also don't like the site/sites showing up on search engines. That is why using htaccess in those cases is actually a better solution ;).
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Arantor

If you're going down that road, don't use a domain name and just make everyone use IP addresses.

njtweb

Sounds more like an intranet kind of interest. I wonder, what is the point of running a website if you don't want anybody knowing about it?

Doug Heffernan

Quote from: njtweb on April 08, 2019, 07:55:08 AM
Sounds more like an intranet kind of interest. I wonder, what is the point of running a website if you don't want anybody knowing about it?

This is a very good question. The only thing that comes to mind to me, is a website that is up to no good... .

Kindred

Sounds like the sort of website that wants to be on the "dark web" but does not have anyone in charge of it who has any actual knowledge (and therefore does not belong on the dark web to begin with)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Arantor

Nah, I don't think it's that creative, just someone who assumes that bots come to steal content without realising that the content is otherwise publicly visible because if it wasn't, bots wouldn't know about it or get it from the board index or RSS feeds.

Doug Heffernan

Quote from: Arantor on April 08, 2019, 01:59:40 PM
Nah, I don't think it's that creative, just someone who assumes that bots come to steal content without realising that the content is otherwise publicly visible because if it wasn't, bots wouldn't know about it or get it from the board index or RSS feeds.

In other words a moron then :D

That is the only other possible explanation that makes sense.

Arantor

See Hanlon's Razor.

Also note that this was initially pitched as an idea that can be used for free. Problem is, ideas are bountiful, finding the good ones is hard, making them real harder still.

GigaWatt

Quote from: Arantor on April 08, 2019, 02:20:07 AM
If you're going down that road, don't use a domain name and just make everyone use IP addresses.

But... you can't do that on a shared hosting account.

In any case, that is an option if the site was hosted at home, but I don't think most of those sites are... or even if they are, maybe they've got other sites hosted on the same IP, so... once again, a problem.

Quote from: njtweb on April 08, 2019, 07:55:08 AM
Sounds more like an intranet kind of interest. I wonder, what is the point of running a website if you don't want anybody knowing about it?

Doing something you wouldn't want anyone, except a certain handpicked crowd, knowing about. There are certain types of info and/or data that is considered precious... not to mention that gaining that info or data involves certain activities that are, at the very least, frowned upon.

And yes... basically these are kind of like intratnet sites... except they're available worldwide and are accessible with the right credentials.

Quote from: doug_ips on April 08, 2019, 10:20:06 AM
This is a very good question. The only thing that comes to mind to me, is a website that is up to no good... .

I believe I answered that in the previous part of this post ;).

Quote from: Arantor on April 08, 2019, 01:59:40 PM
Nah, I don't think it's that creative, just someone who assumes that bots come to steal content without realising that the content is otherwise publicly visible because if it wasn't, bots wouldn't know about it or get it from the board index or RSS feeds.

Well, I could name a few things that, as far as I know of and as far as I've searched online, aren't available anywhere else on the web... but I'd rather I didn't, at least not in public.

And no, it's not about bots stealing content, it's about anyone without the address knowing about the site, including bots and search engines. And if somehow, someone found out about it, they'll need htaccess credentials to access the site. And if they somehow found them out, guess what, there's another loging screen after that... no signup, no background image, nothing, just a plain login screen saying "Username and Password".
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Kindred

in other words, it's a bunch of people who want to think they have something worth protecting but don't actually have any knowledge...

Seriously -- if you're hosting that sort of thing on a share server, then you're not doing it right to begin with... :P



but fine....   add an htpassword, protect the directory level from the server. The turn off the forum for guests.
done.
nothing else needed.

Still a complete waste, IMO.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

GigaWatt

Quote from: Kindred on April 08, 2019, 05:46:56 PM
in other words, it's a bunch of people who want to think they have something worth protecting but don't actually have any knowledge...

Ummm... depends how you look on things... and for the record, I wouldn't call the people running these sites "having no knowledge". Most of them are well established in certain circles... and as I said, I have no idea if they're doing this from their home, a paid server, a shared hosting account, cloud hosting, etc. It was just a guess, I haven't actually tried to find this info out.

Quote from: Kindred on April 08, 2019, 05:46:56 PM
Seriously -- if you're hosting that sort of thing on a share server, then you're not doing it right to begin with... :P

Well, maybe they just like to hide in the forest, who knows :).

As I said, I have no idea where they're hosted, and even if I did, I wouldn't share that here.

Quote from: Kindred on April 08, 2019, 05:46:56 PM
Still a complete waste, IMO.

Each with his own opinion ;).
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Doug Heffernan

Quote from: GigaWatt on April 08, 2019, 05:54:43 PM
Quote from: Kindred on April 08, 2019, 05:46:56 PM
in other words, it's a bunch of people who want to think they have something worth protecting but don't actually have any knowledge...

Ummm... depends how you look on things... and for the record, I wouldn't call the people running these sites "having no knowledge".

While that may be true in theory, based on the posts of the OP in this topic, and elsewhere in this forum for that matter, "having no knowledge" can be safely said and it is nicely put imo.

GigaWatt

The last posts in this thread are completely unrelated to what the OP asked for. They're related to "why would anyone have a website and not want it indexed or accessible for everyone".
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Doug Heffernan

Quote from: GigaWatt on April 08, 2019, 06:06:20 PM
The last posts in this thread are completely unrelated to what the OP asked for. They're related to "why would anyone have a website and not want it indexed or accessible for everyone".

It is kind of related imho. The thing is that the last posts are a result of the OP 's strange/weird request.

Advertisement: