Limit access to ajax calls and block crawlers and spiders

Question

was wondering how to code a server file for ajax calls ?,

example:

Class cars, have 2 functions

1. reply with all brands

   return $database->Listall('brands','cardb'); I call it with api.php?mod=list

2. reply with all cars in brand return $database->Listall('cars','cardb',"WHERE brand=$brand"); I call it with api.php?mod=list&brand=kia

the problem is that google list these api links in its search directory, + users can also access this page on there own (not throu ajax call) so how can i block this ?

Answer 1

1. Use robots.txt to block search engine spiders. Some robots ignore this, but this is a easily way to get it out of search engines.
2. If user can access it in the browser, they can access it directly. There are some ways you could block it, but i doubt it would be reliable.

Answer 2

AJAX is just a way to request a page that will return simplified (xml?) content.

Block Google
Use this on your robots.txt and serve your ajax requests from the ajax folder.

User-agent: *
Disallow: /ajax-folder/

Use _POST on ajax requests and send a "secret"
Have your AJAX requests send along a "secret" variable and, on requests that don't have that variable just re-direct them to another page.

Answer 3

Restrinct Google's access to api.php in robots.txt

Answer 4

Simply use a token when generating the AJAX call. This if the token is not there, don't serve it.