No, because PF's server doesn't even respond to DELETE requests at all. In fact that's how most websites "defend" against such things: they don't even respond to any HTTP methods other than GET (and HEAD, which just returns the same headers as GET but no payload) and POST. And what the server does with requests with those methods depends on whether you are logged in or not and, if you are logged in, what permissions your user account has.Trollfaz said:if I send a DELETE request to Physics Forums website does it mean I can take down the logo?
Incidentally like ".htaccess" there's also a "robots.txt" file which supposedly tells how search engines like google should treat (or ignore) your site).sbrothy said:There also something called a ".htaccess" file which can do the job to some extent.
So POST in the case of posting threads as a registered member?PeterDonis said:No, because PF's server doesn't even respond to DELETE requests at all. In fact that's how most websites "defend" against such things: they don't even respond to any HTTP methods other than GET (and HEAD, which just returns the same headers as GET but no payload) and POST. And what the server does with requests with those methods depends on whether you are logged in or not and, if you are logged in, what permissions your user account has.
POST would be anything that is an attempt to add content, so starting a new thread, posting in an existing thread, or posting a private message.Trollfaz said:So POST in the case of posting threads as a registered member?
Yes, or signing in as a registered user.Borg said:Or filling out a registration form as a non-registered user.
More precisely, it passes things like query parameters in the URL. A GET request cannot change any documents on the server side, so nothing in the URL is "data" the way, say, a form body in a POST request is data.pasmith said:GET passes data in the URL
More precisely, multiple GET requests with the same URL and headers are idempotent (they have the same effect as if just one of them was made). But multiple POST requests with identical content (URL, headers, and payload) are not idempotent--they could create multiple copies of the same document, for example, instead of just one.pasmith said:is for things which could happen multiple times (generally fetching content). POST passes data in the request body, and is for things which only need to happen once
Websites use various methods to block unauthorized requests, such as IP blocking, user authentication, and captcha verification.
IP blocking is a method where websites block access to certain IP addresses that have been flagged as suspicious or malicious. This is done by maintaining a blacklist of IP addresses and denying access to those addresses when they attempt to make a request to the website.
User authentication requires users to provide login credentials, such as a username and password, to access the website. This ensures that only authorized users can make requests to the website.
Captcha verification is a security measure that requires users to complete a task, such as identifying distorted letters or images, to prove that they are human. This prevents automated bots from making unauthorized requests to the website.
Yes, websites can still be vulnerable to unauthorized requests if the methods used are not properly implemented or if there are other vulnerabilities in the website's code. It is important for websites to regularly update and maintain their security measures to prevent unauthorized access.