|
SSLFakeBasicAuth ??
A customer of mine and I are fooling around with using SSLFakeBasicAuth to log users in to a paysite. Has anyone ever used this method before? Interested in implementing it and was wondering about some feedback on the pros and cons.
Only draw back is the user has to access the site from the computer the Certificate is loaded on after sign up. But it would basically kill all brute force attacks and password sharing. I have used it before with a plug-in site to secure access between the two sites. Worked quite well. More info: http://slwww.epfl.ch/SIC/SL/CA/access_control.html Any opinions on this is appreciated. V |
Sounds interesting but how much trouble would it be to impliment?
|
Quote:
Then when they visited https://www.somesite.com/login.php the certificate data would be retrieved and you could validate the session in mySQL and serve the content through normal http protocol. The hard part would be to rewrite the API for the credit card processor to add/delete certificates from the access file when the membership is up. V |
Was looking for opinions on limiting users of paysites to only one computer system. That I think is not going to be worth it but wanted paysite owners opions on it.
V |
We looked into this option a while back. We discarded it because we feared that having to install a certificate would be too confusing for most porn surfers.
|
Yup. If they are *buying* porn, they aren't very computer or net saavy.
|
| All times are GMT -7. The time now is 12:08 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123