GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Spoofing. Best way to stop it. (https://gfy.com/showthread.php?t=201590)

loco12 11-25-2003 03:17 PM
Spoofing. Best way to stop it.
 
I seem to have a problem with spoofers, who get past my .htaccess like it isn't there.

Whats the best method to stop them accessing the members area?

Serious answers please!:Graucho

cheers

loco12 11-26-2003 01:31 AM
bump.
no one know how to stop spoofing?

rowan 11-26-2003 01:37 AM
Is it for an AVS site? I don't think there is really any other generic way to protect your members area - the AVS would need to pass control to a script on your site with some sort of key that validates the surfer. Authenticating by referer is a nice and clean way to do it as it's all done with a few lines of .htaccess without needing scripts on your side, but as you can see it's virtually useless these days.

If you control the login page then you could move to a form+cookie based login, or stick with good old HTTP basic auth.

Juggernaut 11-26-2003 01:38 AM
Look into cookies, something that checks that they have permission because they've already gone through your "gateway", if they dont, 403. Session management cookies might do it.

loco12 11-26-2003 01:50 AM
basically its all my remaining members that signed up through ACPay. There are only about 150 members left that go through the acpayscript to enter my site.

If I added all these remaining ACPay members to my CCBill password file and removed the acpay from my htaccess file would that stop the problem?

Of course I would have to remove the acpay members by hand as they cancelled, but if it stopped the problem its worth it.

konduct 11-26-2003 01:51 AM
:1orglaugh

rowan 11-26-2003 01:53 AM
Did acpay use referer based authentication? Ouch, that's a HUGE hole for a 'real' paysite!! Yes, you'll probably save more bw in the long run by using proper authentication, even if your members get a week or two extra.

If ccbill allows you to 'deep link' products then email your acpay members a hidden URL that gives them a special rate for defecting from acpay to ccbill.

loco12 11-26-2003 01:57 AM
Quote:
Originally posted by rowan
Did acpay use referer based authentication? Ouch, that's a HUGE hole for a 'real' paysite!! Yes, you'll probably save more bw in the long run by using proper authentication, even if your members get a week or two extra.

If ccbill allows you to 'deep link' products then email your acpay members a hidden URL that gives them a special rate for defecting from acpay to ccbill.
Personally I don't want to move the ACPay members to another processor, as it was the best processor out there for its short life.

Looks like I will have to get them to change the auth so that the hole is filled in. I wondered why my servers were getting a bit slow over the last 24 hours. It was filled up with fucking hahahahaing gate crashers!:mad: :feels-hot :1orglaugh


All times are GMT -7. The time now is 09:01 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123