Re: Validate Radio Buttons? [message #182400 is a reply to message #182387] |
Sat, 03 August 2013 00:06 |
bill
Messages: 310 Registered: October 2010
Karma:
|
Senior Member |
|
|
On 2013-08-01 10:10 PM, Jerry Stuckle wrote:
> On 8/1/2013 9:25 PM, Christoph Michael Becker wrote:
>> Jerry Stuckle wrote:
....
>
> Yes, it is quite simple to check the referrer. However, that's a poor
> thing to check, because it isn't a required field and may not be set.
> Additionally, some firewalls/security products will strip the
> HTTP_REFERER before sending the data (Norton has been famous for this in
> the past - I don't know if they still do it).
Yup! No Referrer, no access! Wrong referrer, still no access. Spoof it
properly or forget it. Along with other checks &k balances along the way
of course.
>
> The result is checking HTTP_REFERER will keep out more valid users than
> it will block hackers.
That sounds like a bunch of bologna unless you can cite something
verifiable to support it.
I have never, in over a decade, seen Referrer ever block anyone and
I receive host reports of every single contact attempt on my site,
successful or not. Daily.
The only reason I don't have anything more cohesive to support my
claim is that I lost a lot of memory due to a serious brain concussion a
few years back, necessitating re-learing a LOT of things, but I still
have all my records in archive.
Every contact is and was evaluated to see if I care why a contact
attempt failed. Being so near a college town, there are a lot of
abandoned and unsuccessful access attempts. So far none have succeeded
although it's been a long trip getting my knowledge back!
So if you can, please cite something to support your claim that it keeps
out more valid users than bots & hackers & crackers.
>
|
|
|