Ping a Specific Port

Question

Sam

Asked: 2021-10-05 07:51:43 +0800 CST2021-10-05 07:51:43 +0800 CST 2021-10-05 07:51:43 +0800 CST

How can a url param '?i=1' detect a browser?

772

profreehost claims that a '?i=1' url GET param can protect their servers. I wondered how. I did use google before asking question, but all the results was about they are for security and how to remove them (if you have ssh access). I wanted to know the principles and maybe try to implement one for my own (on a vps) site. I guess the answer lies at the behavior of browsers.

1 Answers

Voted

bob · Answer 1 · 2021-10-05T08:22:43+08:00

bob

2021-10-05T08:22:43+08:002021-10-05T08:22:43+08:00

The parameter in itself is not the security mechanism, the security mechanism / browser check is the ability of the browser to store and use a cookie...

The pseudo logic is something along the lines of:

If a cookie is set:

-> assume that only "real browsers" can use cookies and show the page
If no cookie is set:
-> When URL parameter i is set and greater than 3 show error (assume that a browser that will follow multiple redirects but won't store cookies is not a real browser and/or broken)
-> ELSE
--> set the cookie
--> increment i with 1
--> return a redirect to URL?i=$i

0

How can a url param '?i=1' detect a browser?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?