[TCLUG] apache 2.0.47 question

Wed Dec 17 10:55:06 CST 2003

I think people are missing the point.....

This is a number of schools, with a network of "publicly" used 
computers, at least public in the sense that any number of students in 
the schools can access these computers. Unless the ".pl page" is 
accessible to the "outside" world, filtering by IP would not solve the 
problem. If the page is accessible from the outside world, then a filter 
to allow only IPs within the school system would be partially effective.

I think the only way to solve the problem would be to implement a "log 
on" standard across all of the computers at all of the schools involved. 
Forcing the students to log on to use a computer would provide a two 
fold solution. First, it would get them used to proper computer security 
in a shared-PC environment. Second, it would allow you to "track" 
mischievous behavior. This is not a perfect solution, but I don't think 
there is a perfect solution.

There is a catch. If a student fails to properly log out of their 
session, someone could use that session to send the mischievous 
messages. Even if a student didn't send the message, but failed to 
properly log out, they could be reprimanded for not following proper 
security standards.

Once the message gets out that "you can be tracked down by your login", 
students will be less likely to cause problems, AND more aware of 
security measures that protect their "identity".

Callum Lerwick wrote:
>>I run a content filter at a number of schools. When a site is banned the
>>user gets a .pl page to fill out on my server explaining why they think the
>>site should not be blocked. I get an email of their comments each time the
>>form is submitted. Lately, some people with too much time on their hands are
>>bringing the page up from my web site and sending me some cute, simple
>>minded messages. Is there something I can add to httpd.conf that will only
>>allow the page to be pulled up if it is requested from a specific IP or
>>network?
> 
> 
> If its a script to begin with, the cleanest thing would probably be to
> just add some code to the script to ignore anyone coming from the wrong
> IP. Dunno how to do it in perl offhand, but the REMOTE_ADDR cgi variable
> should be what you want...

-- 
Todd Young
7079 Dawn Ave. E.
Inver Grove Heights, MN 55076

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list