Anti-Terrorism Methods in the Delorie Counter
Counter Terrorism is a term for any malicious use of a
counter, most likely an attempt to increment the counter wildly
without corresponding actual page accesses. There are many ways to
deal with it, and here are the ones that the Delorie Counter uses.
- Ignoring known offenders - if you know the host name that
the attack is coming from, you can put it in your control file with an
``ignore'' command. Accesses from that host will not
increment the counter.
- Ignore repeats - If one client accesses your counter
multiple times in a row, it only counts as one ``hit''. The chances
of an attacker having two spam-programmable machines available are
pretty low.
- Ignore unreferred hits - If the request does not come with
a valid referrer, it assumes that the access was generated by
something other than an IMG tag. This is, of course, easily
circumvented.
- Ignore remote referrals - If a web page from some other
server uses your counter in an IMG tag, they won't increment the
count.
The Delorie Counter is
Copyright © 1996 DJ
Delorie