session,cookies,web-crawler , Create accounts only for real people


Create accounts only for real people

Question:

Tag: session,cookies,web-crawler

I am building a simple website where users can try a website without registering. I basically create shadow account and log users in without them knowing, so I don't have to bother with functionality of not-logged in users.

I then set the cookie to a user so they can come and use website anytime later without loosing any data.

The problem is that there is lots of scrappers, bots, crawlers... These bots are unintentionally creating a new account every time they visit, because they are not accepting a cookie and I cannot identify them on 2nd visit. And some of them are visiting frequently so I end up with 10's of thousands of accounts that are never really used.

Few things came to my mind:

  1. Expire/remove user if there is no further action on the page (Seems like best idea)
  2. Detect if user accept cookies (this requires that I redirect a user and validate that he can accept cookies - not sure how efficient/slow this is)
  3. Parse user-agent and identify the browser if unidentifiable it is a bot (I'm not sure how reliable this is)

What are my options to address this issue, what do you suggest?


Answer:

You can check your user accepts cookies via AJAX. On landing page set a cookie and then send a request back to server immediately after page load with the cookie. And only if the cookie is present, then create your user. This will be quick and confirms that the users browser supports cookies.

Expire/remove user can also work well, but you might end up creating and deleting a lot of users which can be expensive on the server.

Sending a dummy User-agent header is a very simple thing for bots and I think they do it anyway (Bad bots) to make sure web servers allow crawling. So they cannot promise the authenticity of the browser.


Related:


Setting a cookie to only show popup once


javascript,jquery,cookies
I'm trying to setup a cookie to only show a popup once, here's my code so far: jQuery(window).load(function(){ // Load pop up within parent-page section only if (window.location.href.indexOf('parent-page') > -1) { alert("your url contains the parent-page in the URL"); $.magnificPopup.open({ items: [ { src: '#disclaimer', // CSS selector of an...

Meteor: Passing Session values from client to server


javascript,node.js,session,meteor
I am using the following code on the client side to set the Session variable: Template.download.events({ 'click button': function() { var clientid=Random.id(); UserSession.set("songsearcher", clientid); console.log(clientid + UserSession.get("songsearcher")); I am using the following pacakge: Meteor-User-session, which will explain the use of UserSession in place of Session. Now, this works fine. But...

.htacces rewrite by cookie value


apache,.htaccess,mod-rewrite,cookies,url-rewriting
I have a website in 2 languages. I'm inserting the text for each language through php constants and I define the user language through a cookie (lang=es or lang=en). Now the base url in each language is www.webname.com/ but i want to rewrite it depending on the language. If the...

cookie not setting as expected


javascript,cookies
When I set a cookie like this, it works: var now = new Date(); now.setDate(now.getDate() + 30); document.cookie='bla=cats; expires=' + now + ';path=/;' But when I do this it does not: var now = new Date(); now.setMinutes(now.getMinutes() + 30); document.cookie='bla=cats; expires=' + now + ';path=/;' So I want to set...

Javascript Retina / HD display detection and blocking page render during reload


javascript,php,cookies,retina
My question is pretty much about page reload rather than retina detection. I'm using the code below in head tag for retina display : <script type="text/javascript"> if( document.cookie.indexOf('device_pixel_ratio') == -1 && 'devicePixelRatio' in window && window.devicePixelRatio == 2 ){ var date = new Date(); date.setTime( date.getTime() + 3600000000 ); document.cookie...

What are the techniques to manage “session” or invocation context for Stateless EJBs during Remote calls?


session,java-ee,ejb,rmi,java-ee-6
I am writing an application that uses RMI to invoke EJBs. The EJBs are Stateless; the business requirements do not require conversational state with the client. One of the parameters to the EJB method calls is a "User" object used to determine if the user associated with the call has...

Cookie values consistently returning null


javascript,cookies
I'm attempting to use a prompt to have someone enter a value, make that value into a cookie, then have a link that will redirect that person to a second page where their cookie value would be displayed. The issue I'm running into is that the cookie in question continues...

Authentication with OAuth and JWT but without OpenID Connect


session,authentication,oauth,authorization,openid-connect
I’m wondering if I really need OpenID Connect to provide authentication on top of OAuth2. It seems to me if I generate JWTs (JWE) as my access token and I store user claims, roles/permissions, etc. in the access token, then the OpenID Connect's id token isn't needed. Resource servers can...

get information in database and insert into session codeigniter


php,database,codeigniter,session
i am new to codeigniter and using session. i am having a problem in inserting individual data in session. Model: function get_user_info() { $user_email = $this->input->post('signin-email'); $this->db->select('acct_id, acct_fname, acct_lname, acct_mname'); $this->db->where('email', $user_email); $query = $this->db->get('account'); return $query->result_array(); } Controller: public function LoginValidation(){ $this->load->library('form_validation'); $this->form_validation->set_rules('email', 'Email',...

Storing Check Box Selection in Cookies


c#,asp.net,cookies
I have programmed a Remember Me check box to store the username and password in cookies if the box is checked. My problem is, that if they check it and then re-launch the application the username and password auto fill, but the checkbox does not stay checked. I have not...

Adobe DTM Custom rule conditions check for cookies


cookies,adobe,adobe-analytics
I have some problems to get a specific rule to fire in DTM. And the documentation on custom rule conditions from Adobe is very basic. What is should do: Check if a specific cookie exists (values of the cookie are irrelevant). When this cookies does not exist fire the rule....

$_SERVER['HTTP_COOKIE'] return's two PHPSESSID


php,session,session-cookies
I am getting two PHPSESSID while printing $_SERVER['HTTP_COOKIE']. Actually I don't know how it is set twice, its only in my local system. When I check the SERVER cookie it like: echo $_SERVER['HTTP_COOKIE']; //result 'fe_toolbar=false; fe_toolbar=false; PHPSESSID=4tvbovcjk0msf9dvibeb31c2b7; langId=1; backendLangId=2; PHPSESSID=46aagg1hg7as2uh9bihjlpp8h7' When I check my cookie alone like : print_r($_COOKIE); //result...

Force WWW when URL contains path using .htaccess


.htaccess,session,url,redirect
I'm having a problem with my URL and my sessions. I wish to have ALL website pages be forced to use www. As it looks like now, the website looks like this: www.example.com into www.example.com example.com into www.example.com www.example.com/example/ into www.example.com/example/ example.com/example into example.com/example (this is what's wrong) This is...

Disconnect Session via Powershell [closed]


session,powershell,user,server,disconnect
Is there a command to disconnect a user from a session on a server via PowerShell? To logoff i use: Logoff /server:<Server> <SessionID> ...

session value in javascript cannot be set


javascript,function,session
I am quite new to javascript, I wonder why my session value in javascript wont be set to 1 even I tried. When call this function again, the value of the session will change again. My javascript code as below. <script type="text/javascript"> function Confirm() { alert(<%=Session["Once"]%> != 1); var value...

OSX tmux configuration session open file in vim automatically


osx,session,vim,configuration-files,tmux
So I have tmux and vim running in iterm2 on OSX. I have a tmux.conf file that sources a session in ~/.tmux/ called 'left'. I have successfully loaded this session with three panes. Two panes in a left column and a single pane on the right. I have also managed...

codeigniter session object expired availability


php,codeigniter,session,session-state
This might be a silly question. Once a user has been logged in, if session expires I want to redirect him to a "lockscreen" instead to a "login" page. I want to send to the lockscreen some session data (like img-src and loginname) So, here's the question. Does session object...

Is it a good practise store the checkout steps fields in php $_SESSION?


php,session,e-commerce,checkout
I have my e-commerce site with three checkout steps, each button to continue is a POST action and redirect to the next step: if the user navigates by the checkout steps (click on the previous button for example), the form fields don´t show the data posted previously. This form fields...

How do you trigger session garbage collection in PHP < 5.4?


php,session,php-5.3
I need to force session garbage collection to trigger in PHP, and I'm using version 5.3.3. I see in PHP 5.4, you can call: SessionHandler::gc() What is the best method to get the same result given the PHP version I am using?...

Prevent a triggering action using a cookie with JavaScript


javascript,cookies
In a wordpress site I have a pop up window (for email capture) that is triggered by the "mouseleave" event. The pop up works fine but Once the info is captured or the pop up window closed I dont want to bother the visitor with this pop up anymore. So...

how do i store these values into just one Session PHP


php,session
I have this variable that contains multiple values and I want to save all the values into a $_SESSION['gamecode']. It displays only the last value. $var=explode("|",$key); $gamecode=trim($var[0]); session_start(); $gc[]= trim($var[0]); $_SESSION['gamecode'][]=$gc; var_dump($_SESSION['gamecode']); EDITED foreach($_POST['gm'] as $key => $answer){ if($answer != ''){ $var=explode("|",$key); $gamecode=trim($var[0]); $_SESSION['gamecode'][]=$gc; var_dump($_SESSION['gamecode']); EDIT 2 foreach($_POST['gm'] as $key...

PHP session array multi


php,arrays,session
Can some one help me with this? var_dump ($_SESSION['korpa']); Result is this: array(3) { [0]=> array(2) { ["kolicina"]=> int(2) ["item"]=> string(1) "1" } [1]=> array(2) { ["kolicina"]=> string(2) "50" ["item"]=> string(1) "1" } [2]=> array(2) { ["kolicina"]=> string(1) "1" ["item"]=> string(1) "1" } } If $_SESSION['korpa'][0]['item'] exists two or more...

python-requests does not grab JSESSIONID and SessionData cookies


python,django,session,cookies,python-requests
I want to scrape a pdf file from http://www.jstor.org/stable/pdf/10.1086/512825.pdf but it wants me to accept Terms and Conditions. While downloading from browser I found out that JSTOR saves my acceptance in 2 cookies with names JSESSIONID and SessionData but python-requests does not grab these two cookie( It grab two other...

Is it possible to share session between different PHP versions?


php,apache,symfony2,session,iis
I am starting an old app refactoring, I will rebuild some functionality from spaghetti code to MVC (Symfony). Plan was I will set up new IIS app, using subdomain. Now, old app is running PHP 5.3 which can't be upgraded. New app will be running on PHP 5.6. Only thing...

When is the cookie set by AJAX available in javascript?


javascript,ajax,cookies
I'm doing an AJAX call and setting a cookie in the user browser in the response (the server code sets the cookie). I noticed in the success callback from the ajax, the cookie is not available. When I look in document.cookie the new cookie is not there. My question, when...

Why php session var that is set has been lost after redirect by javascript


php,ajax,codeigniter,session
I have two page that are skytrip.localhost/searchresults and skytrip.localhost/bookingInfo In page searchresults , I make ajax request , then it is redirected to page bookingInfo. In ajax request , I set a sesion value , then I want to get this value in the page bookingInfo. But I can't get...

Exact solution to keep cookie after closing firefox


firefox,cookies
I know this is asked many time but i want exact solution. Why cookies are deleted after closing firefox? I want to keep cookies after closing firefox....

after puttin php syntax, my website get stuck at preloader


php,twitter-bootstrap,session
I have this code on my php file for navbar: <?php if(!$session->is_logged_in()) { echo ' <a href="login.php" role="button" aria-expanded="false"> Login <span class="label"> login to system</span> </a> </li>';} else { echo ' <a href="#!" class="dropdown-toggle" role="button" aria-expanded="false"> ' . $session->user_name; . '<span class="badge bg-default">2</span> <span class="caret"></span> <span class="label">it is you</span> </a>';...

How to access application data in a session .jsp file


java,html,jsp,session,user
I am new to the javaservice page session environment, and I am executing the following loop to view all my session attributes: <% for (Enumeration e = session.getAttributeNames(); e.hasMoreElements(); ) { String attribName = (String) e.nextElement(); Object attribValue = session.getAttribute(attribName); %> <BR> <%= attribName %> - <%= attribValue %> Which...

Retaining scope value from the cookie store on page refresh


javascript,angularjs,cookies
I have the following code in one of my controllers. $scope.artistId = $cookies.artistId; $scope.artistName = $cookies.artistName; $scope.switchArtist = function(artist) { $scope.artistName = ''; $scope.artistId = ''; $scope.artist = artist; $cookies.artistName = artist.name; $cookies.artistId = artist.id; $scope.artistName = artist.name; $scope.artistId = artist.id; $rootScope.$broadcast(ARTIST_EVENTS.switchedArtist); }; Then in my view I have {{...

Serializing a java bean into a cookie: Is it bad?


java,json,cookies
In the organization that i work for, there was a serious debate about the following. Scenario: There is a POJO with 6 different properties all are of type Strings. These values need to be persisted as cookies so that it can be picked back when someone does a booking on...

Secure Cookie Attribute in WebSphere


cookies,websphere,jsessionid
We are trying to secure our JSESSIONID in our WebSphere Full Profile I have followed the URL provided: http://www-01.ibm.com/support/docview.wss?uid=swg21422185 Our server configuration: Server11_was: I have Recycled my node - servers and runtimes. However, The JSESSIONID still coming as not secure. Am I missing something? WebSphere version: 8.5.5.1...

PHP Session Information Not Being Stored


php,session
I am trying to make a very simple website, where you can go to the main page and log in, of which the code is here example.org/login/index.php: <?php session_start(); $warning = $_GET['warning']; $nolog = $_GET['nolog']; $username = "Welcome, please log in"; if ($warning) { $username = "Wrong Username/Password Combination"; }...

How to share the same email session between all instances of the application?


java,session,java-ee,javamail
Maybe this question is already answered, but I couldn't find the proper answer. I have a web application based in JSF, and I want to share the same email session between all the instances of the application, yet I haven't found how to do that. My questions are: a) What...

Distributed session implementation detail


c#,asp.net,session,azure
With the reference to the structure of session module in ASP.NET below: As I understand, when the application uses distributed session provider (.e.g. Redis in Azure), the SessionStateModule will deserializes the user's session data into Session dictionary at the beginning of a request. What I'm wondering is whether the module...

Devise prevent auto sign-in after registration


ruby-on-rails,ajax,session,devise,registration
Here's my scenario : Users can register on my website by entering their university login. My app checks this login against the university LDAP, and if it exists, it will duplicate the university LDAP entry on my own LDAP + create a database entry for the user on the rails...

PHP Cookie to Track/Limit Website Joins (Preventing Automated Account Creation)


php,cookies,setcookie
I want to implement a solution to limit the number of Website Joins can be made by one user. I thought of tracking IP address but these are to generic now. I'm now looking to set a cookie and increment for each join and then block joins at say 5...

Logging DateTime in SQL Table When Users Session Ends


c#,sql,session,datetime
I have written an application and with this application the user has to login. I have a table where I am keeping their login token for that session, datetime they logged in, datetime they logged out and the duration in which they were logged in. This functionality works great when...

Check if a cookie array element exists


javascript,jquery,cookies,js-cookie
How can I check that an array element already exists within cookie? Here is my code: var cookieList = function (cookieName) { var cookie = Cookies.get(cookieName); var items = cookie ? cookie.split(/,/) : new Array(); return { "add": function (val) { items.push(val); Cookies.set(cookieName, items.join(','), { path: '/' }); } }...

slideToggle state not working with multiple boxes


javascript,jquery,cookies
I'm trying to save the toggle state of collapsable boxes using cookies. Here's my code: HTML: <div class="box_container"> <div class="box_handle"> Title </div> <div class="box" data-title="admin_actions"> Content </div> </div> Javascript: $('div.box_container div.box_handle').click(function() { $(this).next('.box').slideToggle('fast'); }); $.each($('div.box_container div.box_handle'), function(index,value){ if ($.cookie('show_box_' + $(value).next('.box').attr('data-title')) != 'closed'){...

multiple SESSION cookies being set?


php,session,cookies
My site is sending two different session id cookies (PHPSESSID), one under "www.sitename.com" and the other "sitename.com". I read this answer here which says to specify the domain used in the 5th parameter, but what about SESSION cookies which are created automatically? I think the issue is that the facebook...

Symfony2: ajax call redirection if session timedout


ajax,symfony2,session
I have a working dashboard with ajax request. I fire an ajax request on some events which will update a part of the dashboard. But if the session has expired, the part will be refreshed with the login page. How can i do a redirection after the ajax call if...

Using a cookie to save the state of a toggled division


jquery,cookies,toggle
While I've found essentially the same question asked a number of times here and on other sites, I've spent hours and hours trying to get those answers to work on my site to no avail; I'm just plain stumped. Possibly because I'm fairly new to Javascript, self-taught, and I'm doing...

Server side session in asp.net


asp.net,web-services,session
I want to set one value in server side session in client side and need to access that session in web service, so i tried below In client side : //Set the server side session like below var vr_="demo.png"; '<%Session["path"] = "' + vr_ + '"; %>'; //In alert,checked the...

Get current session info using separate linked php file


php,html,mysql,session,echo
These are the only times Select shows up in the file. . . . function GetUserFromEmail($email,&$user_rec) { if(!$this->DBLogin()) { $this->HandleError("Database login failed!"); return false; } $email = $this->SanitizeForSQL($email); $result = mysql_query("Select * from $this->tablename where email='$email'",$this->connection); if(!$result || mysql_num_rows($result) <= 0) { $this->HandleError("There is no user with email: $email"); return...

Android Cookies (Reward for Invites)


android,cookies,google-chrome-app,android-browser
I am trying to integrate 'reward for invites' logic. What I am trying to do for this is I generate a unique URl for every user. When a friend clicks on the URL he is directed to a page and then to the playstore. On the page, a cookie with...

How to include PHP $_SESSION values in a javascript file?


javascript,php,session
I use $_SESSION['siteRoot'] to store the root address of my website in (it's basically a framework so this can change depending on the URL used to access the site). I need to use this value in some of my javascript files... Up until now I've been including my js files...

Revert back to previous flask session variables when going back a page


python,session,flask
On a Flask website of mine, I have a session variable called 'thisQuestion' which put simply increments by 1 each time a page is loaded. Basically, the page returns questions from a database and the user can state whether they get the question right or wrong. The session variable increases...