Answer the question
In order to leave comments, you need to log in
Parsing protection?
There is a spa web application. We have closed access to a closed api by key to one major information provider.
The scheme is as follows: the user of our service goes to the desired section -> a request is sent to our api -> our api sends a request to the supplier's api and information in json format is returned to the client.
The provider itself renders content on the server and gives it only with markup, so information can only be retrieved by parsing.
And our application is essentially a screen between the private api of the provider and the user, and he can parse all the information of the provider through our application. And the meaning of the provider's closed api is lost, when, in fact, anyone has access to the api. I hope I explained clearly
And then the question is: how to protect yourself from this sobsno?
Introduce flood control? But then the attacker will in any case be able to say "the entire database", but for a longer time.
Ban for too frequent requests? Here, too, is not a problem for the slomyshlennik.
Answer the question
In order to leave comments, you need to log in
There is no protection as such. Protection is a high degree of uselessness of information and the need to use a large amount of resources for its extraction.
You can use third-party services for protection (not ideal), it will cut off 98% of parsers.
But it's funny, of course, we parse and we want to protect ourselves from this. XD
So what do you want to protect yourself from? From parsing as such? From the fact that someone other than you will have something sacred?
Blocking too frequent requests is managed by more sleep'om in the parser or dynamic change of proxies.
if this is such a secret / important information that you don’t want to give away for free - well, ok, enter the price for accessing the api (or the line passed to the user)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question