curl / Mailing Lists / curl-users / Single Mail

Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Catch external CURL calls to a website

From: Jan Stary via curl-users <curl-users_at_cool.haxx.se>
Date: Sat, 24 Aug 2019 19:49:14 +0200

On Aug 24 11:15:10, curl-users_at_cool.haxx.se wrote:
> I am managing a high traffic site. I get lots of spams, auto-submitting
> html form on our site.

Does the form have a captcha?

> My question is can I block all external CURL calls to my site
> but allow all internal ones to run.

How are you gonna tell that the client is curl
(and what difference does it make)?

> I use PHP, Apache.

That has nothing to do with it.

> Also, is there any different between a CURL called from PHP versus Python,
> etc.

Not from the server point of view.
A http request is a http request.

> I mean, if a hacker run a CURL from another environment than my
> server, can I still catch it?

I by "catch it" you mean "recognize that it is a curl script
running in this or that environment", then no. Obviously,
the client's environmen has nothing to do with your server.

I don't think your question is a curl question.
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-08-24

This message: [ Message body ]
Next message: Josh sak via curl-users: "I need some clarification on the curl verbose output"
Previous message: Matt Zand via curl-users: "Catch external CURL calls to a website"
In reply to: Matt Zand via curl-users: "Catch external CURL calls to a website"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]