Solved

denying access to specific countries

Posted on 1998-10-26
10
211 Views
Last Modified: 2013-12-25
Hello, I'll come out and say it...  I haven't a clue about cgi.  But I'm fairly certain that cgi is the only way to deny access to my webpage from users of particular countries. If this is true. Could someone direct me to a resource where I could purchase or look at the code neccessary?

I'm looking for something along the lines of what netscape uses to keep its 128 bit encrypted browsers to only North American downloads.

Thanks in adance.
Paul.
0
Comment
Question by:Hohmann
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 8

Expert Comment

by:MaDdUCK
ID: 1829269
I would like this info too!
0
 
LVL 1

Expert Comment

by:maholt
ID: 1829270
One thing you can do....

When you get a request for a web page, the IP address of the machine making the request is sent as well.  You could do a reverse lookup on the IP and get the domain name.  You could then parse out the country.

Let me know if you are looking for someone to write this.
0
 
LVL 8

Expert Comment

by:MaDdUCK
ID: 1829271
what if you encounter a .com domain? these can be all over the world...

besides this, people could use www.anonymizer.com to gain access anyway...
0
 
LVL 5

Expert Comment

by:tfabian
ID: 1829272
I don't think you need to rely on CGI to do this..

check the docs for your web server.. if it supports .htaccess files, you can put deny statements in the .htaccess files to deny sending pages to any domain or conversely, you can put allow statements in to only allow from the domains you want..


much cleaner than trying to write a cgi script...



0
 
LVL 8

Expert Comment

by:MaDdUCK
ID: 1829273
I disagree because a CGI script will be portable and not only usable on UNIX. However, what about .com, .edu, .int, .org domains. I assume there are several million domains out there by now and I do not think you want to filter all non-US ones and include them in some sort of data of .htaccess file for denial...
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:Hohmann
ID: 1829274
The reasons I'm rejecting the proposed answer are basically listed by MaDduCK.
Maholt, I'm interested. But wouldn't that be a better answer to say allowing only certain people with certain service providers access to this site? THat way instead of blobking enormous lists of ips you're making a list of only a few ips that meet your criteria.

I found a site once that I figure read my windows preferences, because it actually told me what country I was from, and it gave it to me as English (Canadian)... The same as my option in my regional settings.
0
 
LVL 5

Expert Comment

by:tfabian
ID: 1829275
CGI scripts are not always portable.. most won't run on an NT server running IIS.. but then again, the .htaccess solution wouldn't work there either..



0
 
LVL 8

Expert Comment

by:MaDdUCK
ID: 1829276
even if the site actually obtained info from your windows settings (I highly doubt that), I would avoid that because users do not like it and because it is platform dependent. instead, I believe that there are products out there that specialize on exactly these fields. I have yet to find one, but you could contact Netscape and try to get info from them (they employ it as well as Microsoft, but the latter will charge you $90 for any question even if they do not answer it (been there, done that!))
0
 

Author Comment

by:Hohmann
ID: 1829277
heheh.  I was considering approaching netscape.  If I find out anything, I'll post a comment here.

The reason I believed that the site obtained info from my windows settings was that it was a site demonstrating how much information is passed about you without knowing, blah, blah, blah.  (that and the fact that the syntax struck me as similar to that system setting...)
0
 

Accepted Solution

by:
wayhigh earned 60 total points
ID: 1829278
I'd be interested in hearing the answer from netscape.

The only thing I've come up with so far is doing a whois on the domain with internic when the cgi script is run.. parsing the info and checking the return address for postal sent to the owners/admins of the domain.

In all honesty I don't think it would be too hard to write something to do that..

email me at klynn@santacruz.org if you're interested.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

In this tutorial I will focus on how to use WhizBase as a tool for sending ICQ messages to ICQ. Here I will use a new technology in WhizBase, published in WhizBase 5.1 version. In this tutorial I will use 3 files, pager.wbsp for the processing, e…
Batch, VBS, and scripts in general are incredibly useful for repetitive tasks.  Some tasks can take a while to complete and it can be annoying to check back only to discover that your script finished 5 minutes ago.  Some scripts may complete nearly …
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now