GoFuckYourself.com - Adult Webmaster Forum - View Single Post

pine · 04-21-2003, 11:06 AM

The thing is, the 401 page is where all the failed brute-force attempts go. Keep it simple, no heavy graphics. A link back to the main page or join page is all that should be necessary.

We had ours set as a 0-sec meta refresh back to a blank page outside the members' area. We did this because if you look carefully, once someone attempts a failed login, they are on your 401 page....but your members' area URL is in the address bar. Makes it too easy for the brute forcers to just load up that URL and hack away.

04-21-2003, 11:06 AM
pine Confirmed User Join Date: Oct 2002 Location: The Falls, eh Posts: 1,373	The thing is, the 401 page is where all the failed brute-force attempts go. Keep it simple, no heavy graphics. A link back to the main page or join page is all that should be necessary. We had ours set as a 0-sec meta refresh back to a blank page outside the members' area. We did this because if you look carefully, once someone attempts a failed login, they are on your 401 page....but your members' area URL is in the address bar. Makes it too easy for the brute forcers to just load up that URL and hack away.