Geek Answers Handbook

How to make my code more secure

I have voted on comments similar to what is on this website (something similar), and I'm a little worried about the possible abuse of http requests. You will find out what I mean after I show you the dubious code:

$.ajax({ type: 'POST', url: 'http://localhost/comments/vote_down/' + post_id });

Now it is still on the local host, but it will end up on the network. What if someone makes some kind of script that will run n times this url http://localhost/comments/vote_down/post_id .

Even user authentication is very useful, you just configure your malicious script to authenticate, and you can do it again. How can I make this request more secure, what can I do? thanks

EDIT

I see a few answers, not the ones I have been looking for so far.

Maybe I expect too much, there is a way that I can directly refuse this request to someone, but someone is redirected from localhost (or website.com) after x tries to do this.

Maybe some kind of header authentication? I do not quite understand that this is the main reason why I ask.

EDIT

What I discovered by chance about a minute ago, I looked at several similar questions, and my firebug was turned on, I added one question to my favorites. saw the response of the post 200 OK console, then I tried it for like 10 times, just to see when I will be rejected to do the same again. In the end, I got bored .. so if StackOverflow doesn't solve it ... what am I trying to do: =)

+7
jquery security post php
source share
7 answers

At a minimum, you can make sure that each user can vote only once.

  • If the user is not logged in, do not vote.
  • If the user is logged in, limit the vote to one vote per comment (whether they can change the vote from the very beginning or not) is up to you.
  • If you want unregistered users to vote, block them using cookies and IP addresses and checking the user agent. (Far from bulletproof, but will keep some troublemakers)

Extra options:

  • Captcha implementation

In response to your edit:

If you're talking about checking the correct link page, you're out of luck. It is incredibly easy to fake. You can implement a token check in which you generate a hash that is valid for X seconds and rejects all requests with an invalid or expired hash. This does not stop people from voting several times.

In response to the second edit:

A status code of 200 means that the HTTP request was successful, what the application logic decided to do with the request is a completely different problem. You can refuse to vote and return 200, just as you can return 403 (which would probably be more appropriate in this case).

+6
source share

You will need to do more than store the vote count for the message id. You will need to keep a record for each individual vote.

Once your database schema is configured for this, you can begin to associate additional information with each vote β€” IP address, user ID, etc.

In most places, only authenticated users are allowed and allow users to vote once for any given identifier. Stackoverflow goes beyond that and allows users to cancel their voices and remake them.

If you want the user to authenticate before they can vote, this is unacceptable, you can go to the IP address and then reduce the number of votes so that they can be dropped from this IP address at some interval. For example, after voting on XXX.XXX.XXX.XXX, he cannot vote again for another 15 minutes. This will not break the Internet for people who are behind a proxy server, but will reduce the number of games that can be played.

You can go even further and try to find someone playing the system, and then blacklist them for a while.

+3
source share

You must authenticate through the token.

Potentially, I could just type <img src="http://localhost/comments/vote_down/1"> and start voting for users who access my site.

What you have to do is check on the server side, let's say you check the MD5 hash ( md5(1) = c4ca4238a0b923820dcc509a6f75849b )

 http://localhost/comments/vote_down/1?hash=c4ca4238a0b923820dcc509a6f75849b

Now on your server you should hash post_id and check if the hash parameters match, if so, then allow voting.

But then I could just leave the spam vote from users without knowledge through <img src="http://localhost/comments/vote_down/1?hash=c4ca4238a0b923820dcc509a6f75849b">

What you need to do is hashing both post_id and user_id (from the session), so one hash from one user will not be different.

 User: 1 Post_id: 1 md5(11) = 6512bd43d9caa6e02c990b0a82652dca User: 2 Post_id: 1 md5(12) = c20ad4d76fe97759aa27a0c99bff6710

Obviously, you should refer to the hash function, but even without it, your application will be quite safe.

+1
source share

Hope this helps you answer your question. Check out this site: https://panopticlick.eff.org/ . Basically, he tries to identify you based on various system settings, installed fonts, browser options, time zone, etc. I just sent it to my office, and so far we are all unique.

Now this method is not completely safe, because you can fake all this information by simply changing the data that is sent to the server for each request, but you need to KNOW that your site uses this technique in order to attack (security through obscurity).

I think I would be inclined to take a multi-level approach to the problem. Since none of the methods is completely safe, all you can do is collect them.

  • Do not let people vote unless they have cookies.
  • Implement CAPTCHA for users who are not logged in.
  • Profile users based on the hashes of their system settings (font hash, browser capabilities, time zone, etc.)
  • You have a login system so users can vote.

Now, when someone votes, you store your user ID (if they are logged in), their system hashes and their cookies against their vote. This will prevent voting, logging out and subsequent voting anonymously - because their system hashes and cookies (if they did not bother to clear it) are already tied to the voting.

Something else you can do is make a tripwire to determine if the vote at a particular post is clogged in any particular direction. If it is clogged (say, 20 votes per minute for 10 minutes, and most of the votes were in the same direction), try profiling upvotes by looking at the IP address, system hashes, etc. Based on an arbitrary percentage of possible malicious attacks, you can block the vote on this post for 15 minutes.

None of these methods are completely safe, and for brevity, I have missed out on a few things you can do to easily expand on this idea. But I believe that a multi-level approach is key. Undoubtedly, there is sometime a really specific user who does not mind that whenever you have typed really good logs, you can comment on this attack and respond to it.

Hope this helps

Greetings Ian

+1
source share

I think you need to track which (authenticated) users voted for which elements, and allow each user to vote on each element only once.

0
source share

Make a user login and check if they voted for him up / down before demanding that the votes table contain a link to the user, I hope, through the identifier.

Hope this helps,

0
source share

You can use CAPTCHA (I recommend reCAPTCHA because it helps to digitize print jobs at the same time) to eliminate at least bot-based voices. To prevent multiple people's voices, consider counting based on a semi-historical identifier, such as an IP address, as well as the User Agent string of the browser or something else. Or confirm the vote based on the user account (and, obviously, install CAPTCHA on the user registration page).

0
source share

More articles:


All Articles