07-13-2002, 12:09 PM
Paolo
Confirmed User
 
Join Date: Jan 2002
Location: Henderson, Nevada
Posts: 491
Here is the big problem with protecting your site.
Most programs give a 403 to the IP that is brute forcing your password file.

They love to use IPs that AOL has, because AOL's system is a pile of shit and is easy to abuse.

So 403s are fine in most cases, except that AOL stores these 403s on their servers and prevents AOL users sharing the same IP from visiting your site.

So now come the complaints from an AOL subscriber that he cannot get into your membership area because his IP is blocked and he did nothing wrong "except for using AOL in the first place" : )

What we did is give the brute forcer a 202 ok and redirect to a fake URL.
That really seemed to help out.

I hate those brute force programs, they are a pain in the ass for everyone and any idiot can use them.

Hope that helps a little
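The decoy-instead-of-403 idea from the post above, sketched as an added example; it is not Paolo's code or any product's. The threshold, window, decoy path, the choice of a 302 with `Cache-Control: no-store`, and letting correct credentials through from a flagged IP are all assumptions made for illustration.

```python
import time
from collections import defaultdict, deque

WINDOW_SECONDS = 60                  # assumed look-back window
MAX_FAILURES = 5                     # assumed failures per IP before the decoy kicks in
DECOY_URL = "/members/welcome.html"  # hypothetical fake page with no real content


class DecoyThrottle:
    """Track failed logins per IP and pick the response for each attempt."""

    def __init__(self):
        self._failures = defaultdict(deque)  # ip -> timestamps of recent failures

    def _recent_failures(self, ip, now):
        q = self._failures[ip]
        while q and now - q[0] > WINDOW_SECONDS:
            q.popleft()                      # forget failures outside the window
        return len(q)

    def respond(self, ip, password_ok, now=None):
        """Return (status, headers) for one login attempt."""
        now = time.time() if now is None else now
        if password_ok:
            # Assumption: valid members behind the same shared proxy IP
            # are never locked out by someone else's failures.
            return 200, {}
        flagged = self._recent_failures(ip, now) >= MAX_FAILURES
        self._failures[ip].append(now)
        if flagged:
            # No 403 for a shared proxy to store: send an uncacheable
            # redirect to the decoy page instead.
            return 302, {"Location": DECOY_URL, "Cache-Control": "no-store"}
        return 401, {"WWW-Authenticate": 'Basic realm="members"'}


def demo():
    """Seven bad attempts, then one good login, all from one shared IP."""
    t = DecoyThrottle()
    proxy_ip = "192.0.2.10"  # constructed sample address (documentation range)
    statuses = [t.respond(proxy_ip, False, now=i)[0] for i in range(7)]
    statuses.append(t.respond(proxy_ip, True, now=8)[0])
    return statuses


if __name__ == "__main__":
    print(demo())
```

The failure table here grows without bound; a real deployment would expire idle IPs and log every decoy response so the attempts stay visible to whoever reviews the access logs.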