MEVi Posted April 19, 2021 Posted April 19, 2021 (edited) Hello, Many search engines or robots suck up information without respecting the rules defined in the robots.txt . When a member connects to the community with their HUAWEI product, after I see in logs petal search engine downloads pictures using the direct URL. In case the Hot Link Protect is activated the petal search robots generate thousands of HTTP errors, because it keeps trying to download the photos or files that the user has viewed. The fact that the photos are directly accessible via a URL whether you are a member or not, make problems of copyright. This means that I have to block the possibility of members to send pictures, because I can't guarantee them that the copyright will be respected. I hope that in version 4.6 this flaw will be closed. Edited April 19, 2021 by MEVi
CoffeeCake Posted April 19, 2021 Posted April 19, 2021 You probably want to prevent traffic from this misbehaving spider entirely then by creating rules at your CDN/web server/firewall prior to IPS having to serve out the request. I'm not sure what you are referring to by "Hot Link Protect" yet it's probably better to stop this traffic before IPS has to do any work on the PHP/MySQL side of things.
MEVi Posted April 19, 2021 Author Posted April 19, 2021 I don't need a CDN. My members exchange photos that are sometimes confidential. It is abnormal that search engines exploit this security flaw by making public, private photos. Then to have lawyers claiming compensation because internal subjects are accessible to unauthorized third parties.
Recommended Posts