Mar 21, 2007 05:32 pm Actually, I'd get kinda pissed off if some web site told me something I may have intentionally installed is bad...no, I don't think it's any of our concern as web developers.
A question for web developers
Posted on Mar 21, 2007 11:50 am
DungBeatle
Time Waster
Member Since: Jan 12, 2006
I maintain several private websites for the purpose of collecting data from faculty. In order to keep things uniform, I have to check the browser identity string and adjust a few things for some browsers and warn the user if they're using something too old to be compatible. The question I have is, in the browser identity string, if you encounter things like "funwebproducts" or "zangotoolbar" which are considered malware/spyware, do you think it's your responsibility to notify the end user?
[ Back to Top ]
Mar 21, 2007 05:32 pm Actually, I'd get kinda pissed off if some web site told me something I may have intentionally installed is bad...no, I don't think it's any of our concern as web developers.
Mar 21, 2007 06:04 pm Thanks dB, much appreciated. Got the same answer from another web developer so you're in the pocket, dude...
Mar 22, 2007 12:17 am I'd probably agree... if this was a private intranet though I would disagree... OR... if it was a private intranet I would log it and automatically identify the computer as needing servicing... depending on howmuch control I had over the IT department...
Mar 22, 2007 11:51 am Hey Zek, thanks for the info! I don't have any control over the IT department and it's not an intranet. But it is invitation only... We have people who provide support for that so I'm gonna leave it to them. I could provide a report to them if someone wants it. But I doubt they will want it or appreciate it...
Mar 22, 2007 12:42 pm You do, however, have the right to refuse entrance to people if you think they have something that could possibly threaten the site itself...
Mar 22, 2007 01:08 pm Hey dB, that's a good thought! I will have to really think about that one...
Mar 22, 2007 01:26 pm I dunno what platform you are on, but Apache webservers have this cool config file called .htaccess that you can ban useragents that contain various strings...I have a HUGE list on HRC...to ban ruthless bots, log spammers, certain referrers and junk like that...
Mar 22, 2007 01:30 pm I'm running Win2000 server, but I'm pulling together the parts to build a Linux server this year. Gotta get off of MS...
Mar 22, 2007 01:37 pm MS then it's either heavy string parsing/searching code or friggin ASAPI filters...yuck...cool stuff like that is a pain on MS...
Mar 22, 2007 01:55 pm I'm a C/C++ developer mainly, so I've written my share of ISAPI filters before. And IIS allows you to lock out by IP. Still kinda kludgy...
Mar 22, 2007 02:01 pm You can put apache on windows too.
Not that I do, but you can if so inclined.
Mar 22, 2007 02:12 pm yeah, gotta be careful with banning IP's though...not many folks have static IP's...you are typically banning a lot of people when banning an IP...
and yes, apache does run on Windows as well...as does Tomcat.
Mar 22, 2007 02:16 pm Usually the IPs I'm blocking are the ones from Asia Pacific and Netherlands. Nothing local...
Thanks again for the info! Maybe I'll deploy Apache on one of my Win2K servers just to test it out...
|
Related Forum Topics: |
If you would like to participate in the forum discussions, feel free to register for your free membership.