Welcome to WebmasterWorld Guest from 34.201.121.213

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

Showing different content based on IP

Want to ensure some people see one thing, and other people some other thing

     
3:48 pm on Nov 28, 2006 (gmt 0)

Full Member

10+ Year Member

joined:May 13, 2004
posts:220
votes: 0


If a Perl script is set to show something based on IP address, how certain are we that it works?

Maybe I want to change my homepage looks for my coworkers only - say, follow many of the links with a link to a Google SERP for that phrase, or a link to the SEO Page Strength for that page, etc. We're all at one IP address, and we keep track of what it is.

Or maybe I put a picture of myself, the webmaster, with a blurb informing my coworkers that if they find an error in the site for me to fix, I'll give them chocolate. That sort of thing.

The script knows what to show by seeing the visitor's IP address in the $ENV{REMOTE_ADDR} variable. The code goes like this:


if IP = our_people
show special_homepage
elsif IP = competitors
show goatse
else
show normal homepage

How safe is this? How certain can we be that only people with our IP address see the special page, and nobody on the outside does? Can that variable be spoofed by a savvy person that knows our IP address? Is there much chance an important bot (G, Y, M, etc) might manage to find the special version of the page?

7:32 pm on Nov 28, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 5, 2006
posts:536
votes: 0


$ENV{REMOTE_ADDR} will probably work fairly well but not all users will have that information sent along with the http headers and that information can probably be faked using scripts. You're best bet really is to require a sign-up and with username/passwords and use that info to redirect uses to the appropriate content.
8:17 pm on Nov 28, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


perl_diver are you saying the IP address can be faked? I have asked this question repetitively across the years and the answer is almost invariably no, this is impossible.


elsif IP = competitors
show goatse

<snicker> that's a bit too rough lol . . .

If the choices are limited to internal and external it would be fine in an if/else statement. Your internal IPs are known values. But don't try redirecting your competitors by IP. If they have, say, an AOL account just for testing, they will use it to view your stuff and let you think you've locked them out.

10:41 pm on Nov 28, 2006 (gmt 0)

Administrator

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
posts:15756
votes: 0


well..
[en.wikipedia.org...]

but for the most part we assume no one is spoofing ips due to it not being the easiest thing to do

>> How certain can we be that only people with our IP address see the special page, and nobody on the outside does?

as perl_diver, it will work fairly well and is accepted practice

5:19 pm on Nov 29, 2006 (gmt 0)

Full Member

10+ Year Member

joined:May 13, 2004
posts:220
votes: 0


I agree that with AOL it's tough ... I've heard stories describing their weird network structure, in which the IP address changes for every single GET request so you'll have one IP address retrieve your page, and another 20 IP's retrieve each of the 20 images on that page ... total nightmare if you want to direct things by IP.

My plans, though, are basically the above, sans the goatse - I'd rather not make it obvious to my competition that I know their IP addresses 8-) - so if someone outside did happen to see our version, it wouldn't be giving too much away.

The consensus, then, is that it *can* be done, but it's rather tough. Thanks for the advice, and the wiki article; always quite helpful.

4:43 pm on Dec 7, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:Sept 19, 2005
posts:44
votes: 0


For what it's worth, I've been doing this on a site for years, and it's always worked quite dependably. Of course the content that I've got is not the kind of thing worth hacking into either. But here's how I do it:


$file = $ENV{'REMOTE_ADDR'} . '.html';
if (-r $file) {
open F, $file or die "$! \'$file\'";
while (<F>) { print; }
close F;
}

So this just displays the contents of a file named for the IP address. Therefore, ongoing maintenance requires just creating/deleting/changing HTML files, and not editing my Perl script. It also allows me to have other non-Perl people contribute to the maintenance of the HTML files.

6:50 pm on Dec 7, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 4, 2003
posts:378
votes: 5


I used to do this via SSI many times.

Something like this :

<!--#set var="i" value="$REMOTE_ADDR" -->
<!--#if expr="$i = /#*$!.#*$!.#*$!./ $i = /#*$!.#*$!.yyy./...... etc." -->
<!--#include file="this.txt" -->
<!--#elif expr="$i = /#*$!.#*$!.zzz.aaa/ $i =..... etc." -->
<!--#include file="that.txt" -->
....etc..