You are viewing limited content. For full access, please sign in.

Discussion

Discussion

Bots are eating up our Read-only Licenses

WebLink Version 8 Version 9
Updated June 26, 2018
posted on March 15, 2018

Our version of Weblink (8.2.2) (Laserfiche 10.2) is attracting bots (googlebot, etc.) that use up all your licenses, and users are prevented from accessing the system until the licenses time out or someone manually disconnects the session.    We spent years trying to block the bot IP addresses from IIS, which is a temporary workaround. The only thing that seems to work consistently is to put a userid and password on the Weblink entry screen (where we even tell you the actual userid and password). Not pretty, but it avoids the bot problem.

We got away with this for a few months, but now our users are complaining about the extra sign-in step.

I've read a few reports that maintain that attempts with Cookies turned off succeed in grabbing the licenses.   Why wouldn't LF write the code or give us the code that blocks all attempts to access Weblink without Cookies turned on?   Is it really that simple?

 

I've also read that Weblink Version 9 goes a long way to combating this problem.   Is it worth making the move to Weblink 9?

 

Thanks for any thoughts / advice.

0 0
replied on March 15, 2018

Not to your specific question, but note that WebLink 10 recently came out, so if you may be considering upgrading you may want to look into that instead of going to 9. Of note: https://answers.laserfiche.com/questions/138017/What%E2%80%99s-new-in-Laserfiche-WebLink-10-%E2%80%93-join-us-for-a-complimentary-webinar

0 0
replied on June 26, 2018

Hi Justin,

Do you know if these blocks were put in to Weblink 10.1?  We recently upgraded and are getting bots occupying all our licenses with an alarming amount of regularity.  Any tested/approved fix would be welcome.

 

0 0
replied on March 15, 2018

The cookie check code that Bert linked to is similar to what we added to WebLink 9.  The situation that it addresses is related to but different from the bot scenario, that is improved in WebLink 9 also.

0 0
replied on March 23, 2018

Brian -

 

Does Weblink 10 contain the same cookie check code as Weblink 9?   I asked my VAR to install V9, but they want to install V10.

Thanks!!!

0 0
replied on March 23, 2018

Yes.

0 0
replied on March 15, 2018

Have you tried the workaround in the below link by Wes Funderberg to prevent access by anyone/thing without cookies?

 

Preventing False License Usage in WebLink

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...