Posts: 64
Threads: 18
Joined: Jan 2020
Reputation:
4
Location: Germany
At this point (IWServerControllerBaseBeforeNewSession) it would be interesting to prevent a response of the server.
In other words: The server does not respond and is therefore "invisible".
Can this be implemented? Or is there an adequate possibility somewhere else?
Thanks in advance for a reply on this!
The way to success is always under construction ... but i see a light at the end of the tunnel
Posts: 64
Threads: 18
Joined: Jan 2020
Reputation:
4
Location: Germany
You're right.
But maybe there is another event of the ServerController to prevent any response based on the request?
My goal would be to generate a timeout (ERR_CONNECTION_TIMED_OUT) for unwanted requests.
The way to success is always under construction ... but i see a light at the end of the tunnel
Posts: 2,266
Threads: 198
Joined: Mar 2018
Reputation:
86
Location: Auckland, New Zealand
04-18-2023, 08:29 PM
(This post was last modified: 04-19-2023, 11:11 PM by Alexandre Machado.)
I don't see how you can do this using HTTP protocol. When the browser connects to the server there are 2 possibilities: The server responds at some point or the connection is broken (and the browser detects it and knows that the connection has been broken). What you want is to deny a connection before knowing the nature of the request, which I think won't succeed. You could try to block the request/connection at a router or proxy level based on the IP of the origin.
Posts: 2,266
Threads: 198
Joined: Mar 2018
Reputation:
86
Location: Auckland, New Zealand
04-19-2023, 10:55 PM
(This post was last modified: 04-19-2023, 10:55 PM by Alexandre Machado.)
MSJ above presents a very interesting (and also simple, effective and cheap) solution for that problem.
IntraWeb internally already has all the logic to block connections based on their IP (it is used with the IWIPGeolocation classes), but at its core level (i.e. after the request has been received). It would be interesting to reject connections at the server level based on some user configurable rules