|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
04-30-2004, 08:16 PM
|
#1 |
|
Confirmed User
Join Date: Jun 2003
Location: Everywhere at once
Posts: 991
|
CCBill .htaccess nightmare
I decided to reconcile my password files on some sites.
Knowing how things work I assumed there would be some bogus users in there, and in fact I found about 10. Not bad, for a year, but more than I thought I would find. It's not really CCBill's fault in my view (shit happens) but they should provide a tool to help reconcile the file - I ended up spending hours extracting users from CCBill reports, loading into mysql, and joining on .htaccess. Way too much work, but I'm going to do it occasionally from now on. If you have a paysite there is a good chance you have some expired users also with lifetime free access; you might want to take a look.
__________________
I have no signature |
|
|
|
04-30-2004, 08:21 PM
|
#2 |
|
Confirmed User
Join Date: Jul 2003
Location: in yoOoo kitchen
Posts: 6,984
|
im afraid to look
 |
|
|
|
|
04-30-2004, 08:22 PM
|
#3 |
|
Old Timer
Industry Role:
Join Date: Jan 2001
Location: Indianapolis
Posts: 12,208
|
Yes, a tool would be very nice.
|
|
|
|
|
04-30-2004, 08:24 PM
|
#4 |
|
Confirmed User
Join Date: Mar 2003
Location: Western NY
Posts: 5,114
|
i had a nightmare with a client we jsut setup with them on that too. was liking jumping thru hoops to try and fix that shit
|
|
|
|
|
04-30-2004, 08:26 PM
|
#5 |
Join Date: May 2002
Location: Montreal
Posts: 6,797
|
this may be a stupid question, but how did they get there.
Hacks or other?
__________________
|
|
|
|
|
04-30-2004, 08:30 PM
|
#6 |
|
Confirmed User
Join Date: Feb 2003
Location: Deep inside my mind
Posts: 1,118
|
I had the same thing. Pennywize would disable a a username for multiple accesses/different IPs but when I checked in CCBill, they weren't listed as a member.
Turns out that my CCBill script was sitting where it was easy to find and hackers were managing to hahahahahahaha the script and create fake accounts. The Tech on the phone had it fixed in like two seconds. Now my script is safely hidden in a randomly named directory that's about a billion characters long  |
|
|
|
|
04-30-2004, 09:10 PM
|
#7 |
|
Confirmed User
Join Date: Mar 2003
Location: Oh Canada!
Posts: 3,662
|
Since they brought out the newer J scripts, everything works great. Make sure that the old password file isnt still in an accessable directory or you can be sure it will be found and all those usernames will be hammered.
|
|
|
|
|
04-30-2004, 09:12 PM
|
#8 | |
|
Confirmed User
Join Date: Feb 2002
Location: Vegas
Posts: 5,741
|
Quote:
__________________
 RecurCash.com - Averaging $38/sale with 60% revshare in the first 4 months alone! Convert your TEEN traffic today @ better than 1:500 guaranteed. ICQ me: 18287590! |
|
|
|
|
|
04-30-2004, 09:17 PM
|
#9 |
|
Confirmed User
Join Date: Jun 2003
Location: Everywhere at once
Posts: 991
|
Everything on my server is as secure as you can get - the password file is not in the web tree, the ccbill script name is random, etc.
Be very afraid.
__________________
I have no signature |
|
|
|
