|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
12-12-2003, 01:10 PM
|
#1 |
|
Confirmed User
Join Date: Nov 2003
Location: Penguin vs Devil
Posts: 745
|
SSLFakeBasicAuth ??
A customer of mine and I are fooling around with using SSLFakeBasicAuth to log users in to a paysite. Has anyone ever used this method before? Interested in implementing it and was wondering about some feedback on the pros and cons.
Only draw back is the user has to access the site from the computer the Certificate is loaded on after sign up. But it would basically kill all brute force attacks and password sharing. I have used it before with a plug-in site to secure access between the two sites. Worked quite well. More info: http://slwww.epfl.ch/SIC/SL/CA/access_control.html Any opinions on this is appreciated. V
__________________
"Only the dead have seen the end of war." - Plato "In the abscence of orders, go find something and kill it." - Erwin Rommel "A man's worth is no greater then the worth of his ambitions." - Marcus Aurelius |
|
|
|
12-12-2003, 01:22 PM
|
#2 |
|
Confirmed User
Industry Role:
Join Date: Dec 2002
Location: Mallorca - Nottingham
Posts: 5,176
|
Sounds interesting but how much trouble would it be to impliment?
__________________
See sig... |
|
|
|
|
12-12-2003, 01:45 PM
|
#3 | |
|
Confirmed User
Join Date: Nov 2003
Location: Penguin vs Devil
Posts: 745
|
Quote:
Then when they visited https://www.somesite.com/login.php the certificate data would be retrieved and you could validate the session in mySQL and serve the content through normal http protocol. The hard part would be to rewrite the API for the credit card processor to add/delete certificates from the access file when the membership is up. V
__________________
"Only the dead have seen the end of war." - Plato "In the abscence of orders, go find something and kill it." - Erwin Rommel "A man's worth is no greater then the worth of his ambitions." - Marcus Aurelius |
|
|
|
|
|
12-12-2003, 01:50 PM
|
#4 |
|
Confirmed User
Join Date: Nov 2003
Location: Penguin vs Devil
Posts: 745
|
Was looking for opinions on limiting users of paysites to only one computer system. That I think is not going to be worth it but wanted paysite owners opions on it.
V
__________________
"Only the dead have seen the end of war." - Plato "In the abscence of orders, go find something and kill it." - Erwin Rommel "A man's worth is no greater then the worth of his ambitions." - Marcus Aurelius |
|
|
|
|
12-12-2003, 02:26 PM
|
#5 |
|
Confirmed User
Join Date: Jan 2002
Location: In the walls of your house.
Posts: 3,985
|
We looked into this option a while back. We discarded it because we feared that having to install a certificate would be too confusing for most porn surfers.
__________________
"Every normal man must be tempted, at times, to spit on his hands, hoist the black flag, and begin slitting throats." --H.L. Mencken |
|
|
|
|
12-14-2003, 03:16 AM
|
#6 |
|
Confirmed User
Join Date: Apr 2003
Location: Hollyweird, CA
Posts: 747
|
Yup. If they are *buying* porn, they aren't very computer or net saavy.
|
|
|
|
