如何防止代码/程序访问 Web 应用程序? [英] How to prevent code/program access to web application?

问题描述

我想阻止任何人试图通过代码访问我的网站.代码从某种意义上说，任何类似于bot的程序，都会导致流量激增.

I would like prevent anyone trying to access my website thro' code. Code in the sense, any program that is like bot, which would cause traffic surge.

例如

URL url = new URL("http://www.example.com");
URLConnection yc = url.openConnection();

我想阻止上面的java代码打开连接.

I would like to prevent the above java code from opening a connection.

这可能吗?如果我能这样做，会不会有任何副作用(用户无法通过特定浏览器访问网站)?

Is this possible and if I can do so, will that cause any side effects(User unable to access the website through specific browser)?

推荐答案

简而言之，您不能.但是，您可以进行一些检查，例如用户代理(但同样，这很容易被更改/欺骗).

Short answer is you can't. However, you can make some checks like user agent (but again, this is easily changed/spoofed).

但假设您想要获得多数，请检查用户代理是否可接受，检查访问您页面的移动设备的设备.

But let's say you want to get the majority, check that the User Agent is acceptable, check the device for mobile devices accessing you page.

我知道人们做过的另一种方法是跟踪源发出的请求数量，并设置请求/时间阈值来测试连接是否合法".我自己没有做过这个，所以我不能说它的可靠性.

Another method I know that people have done is track the number of requests a source is making and having a threshold of request / time to test if the connection is "legit". I haven't done this myself, so I can't speak to it's reliability.

如果您想区分机器人，诸如 ( ReCaptcha) 之类的工具会有所帮助.

If you want to distinguish between robots, tools like ( ReCaptcha) will help.

这篇关于如何防止代码/程序访问 Web 应用程序?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！