|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
11-17-2005, 01:03 PM
|
#1 |
|
Confirmed User
Join Date: Oct 2003
Location: San Diego, CA
Posts: 126
|
Fix to Spoofing Members Areas
Everybody,
Last month we noticed our hits/bandwidth to our members are increase by over 1,000+ users per day, costing us over $5,000+ in content bandwidth as a direct result of spoofing software that lets people into your members area for free! Well congratulations to Mr. Brad Slavin, my head IT, who wrote a killer script that can be added to your .htaccess file that will not let spoofers in. If anybody is interested in how we did this....we will be happy to help you out on trade. Since the new .htaccess file was uploaded, we have been 100% secure, knocking out over 900+ spoofers per day! THANKS BRAD!!!
__________________
Big Hitters, Inc. - http://www.bighitters.com Adult Prepaid - http://www.adultprepaid.com icq: 136-923-236 |
|
|
|
11-17-2005, 01:21 PM
|
#2 |
|
Confirmed User
Join Date: Feb 2003
Posts: 1,020
|
1) "Spoofing" doesn't get you into anything. Passwords do.
2) htaccess does not run scripts. |
|
|
|
|
11-17-2005, 01:26 PM
|
#3 |
|
Confirmed User
Industry Role:
Join Date: Dec 2001
Posts: 7,952
|
email me the script?
|
|
|
|
|
11-17-2005, 01:27 PM
|
#4 |
|
making it rain
Industry Role:
Join Date: Oct 2003
Location: seattle
Posts: 22,112
|
Were you only authenticating via HTTP_REFERER? This is all too common, I've helped a few people out with this...
|
|
|
|
|
11-17-2005, 01:30 PM
|
#5 | |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jul 2001
Posts: 59,204
|
Quote:
... |
|
|
|
|
|
11-17-2005, 01:32 PM
|
#6 |
|
Confirmed User
Join Date: Oct 2003
Location: San Diego, CA
Posts: 126
|
using the .htaccess file
We were use the http_referrer method, and still are, only adding a jump page and a couple quick lines of script to the .htaccess file itself has knocked out those thieves.
When I visited a couple of the web sites providing the spoof software and a huge, huge, list of members' area urls, which were big. Testing their software, I was able to get into tons of members areas from very big content providers, plus many of the referring urls were via somebody elses account, paying $$ to the content provider.
__________________
Big Hitters, Inc. - http://www.bighitters.com Adult Prepaid - http://www.adultprepaid.com icq: 136-923-236 |
|
|
|
|
11-17-2005, 01:33 PM
|
#7 |
|
Strength and Honor
Join Date: Jul 2004
Location: Europe
Posts: 16,540
|
Just use strongboxxx
|
|
|
|
|
11-17-2005, 01:55 PM
|
#8 |
|
Confirmed User
Join Date: Oct 2003
Posts: 3,191
|
if you are an owner of a popular paysite(s) you need to go to <deganews.com> and put in the name of your site.
this will tell you if asswipes are trading info about how to spoof your members area. the "tar=ref" spoof is very common, and can be fixed by beefing up your member area security. if you are on ccbill they can show you how to do it. also if you are hosting video files you should have <antihotlinking.com> in place and be redirecting your hotlink attempts to some sort of sales page. |
|
|
|
