No, because PF's server doesn't even respond to DELETE requests at all. In fact that's how most websites "defend" against such things: they don't even respond to any HTTP methods other than GET (and HEAD, which just returns the same headers as GET but no payload) and POST. And what the server does with requests with those methods depends on whether you are logged in or not and, if you are logged in, what permissions your user account has.Trollfaz said:if I send a DELETE request to Physics Forums website does it mean I can take down the logo?
Incidentally like ".htaccess" there's also a "robots.txt" file which supposedly tells how search engines like google should treat (or ignore) your site).sbrothy said:There also something called a ".htaccess" file which can do the job to some extent.
So POST in the case of posting threads as a registered member?PeterDonis said:No, because PF's server doesn't even respond to DELETE requests at all. In fact that's how most websites "defend" against such things: they don't even respond to any HTTP methods other than GET (and HEAD, which just returns the same headers as GET but no payload) and POST. And what the server does with requests with those methods depends on whether you are logged in or not and, if you are logged in, what permissions your user account has.
POST would be anything that is an attempt to add content, so starting a new thread, posting in an existing thread, or posting a private message.Trollfaz said:So POST in the case of posting threads as a registered member?
Yes, or signing in as a registered user.Borg said:Or filling out a registration form as a non-registered user.
More precisely, it passes things like query parameters in the URL. A GET request cannot change any documents on the server side, so nothing in the URL is "data" the way, say, a form body in a POST request is data.pasmith said:GET passes data in the URL
More precisely, multiple GET requests with the same URL and headers are idempotent (they have the same effect as if just one of them was made). But multiple POST requests with identical content (URL, headers, and payload) are not idempotent--they could create multiple copies of the same document, for example, instead of just one.pasmith said:is for things which could happen multiple times (generally fetching content). POST passes data in the request body, and is for things which only need to happen once
Websites can block unauthorized requests by implementing access control measures such as authentication and authorization. Authentication verifies the identity of users, while authorization determines what actions they are allowed to perform. Websites can also use techniques like IP filtering, CAPTCHA challenges, and rate limiting to prevent unauthorized requests.
IP filtering is a technique used by websites to block or allow access based on the IP address of the user. By maintaining a list of trusted IP addresses and blocking requests from unknown or suspicious IPs, websites can prevent unauthorized access to their resources.
CAPTCHA challenges require users to complete a task, such as typing distorted text or selecting images, to prove that they are human. By implementing CAPTCHA challenges, websites can differentiate between legitimate users and automated bots, thereby blocking unauthorized requests from malicious actors.
Rate limiting is a technique used to restrict the number of requests a user can make within a certain time frame. By setting limits on the frequency of requests, websites can prevent automated bots from overwhelming their servers with unauthorized requests, thus protecting their resources.
Authentication verifies the identity of users through credentials like usernames and passwords, while authorization determines what actions they are allowed to perform based on their roles and permissions. By implementing robust authentication and authorization mechanisms, websites can ensure that only authorized users can access their resources, effectively blocking unauthorized requests.