Social Buttons
  1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

CAn Anyone tell me a Possible solution for this issue?.

Discussion in 'PHP' started by KOCHI, Jun 7, 2005.

0
  1. #1
    Hi,

    I have a secure area for my Website. Its a folder in web server( for example

    "http://www.mysite.com/Securefolder/"). INorder to View the folder user must register with

    the site. When a user register a new entry is made to ".htpasswd" file in the secure folder

    and the username and password is mailed to user.

    Here the tough part come. I charge Some amount for registration. Normally what users do is

    one will register and pass the username and password to others and they can also access the

    secure area. I want to prevent this


    So I thought about two options

    1. Cookie
    2. IP address tracking.



    We cannot replay on cookie because , it can be get deleted at any time. The second is IP

    address and its also cannot be relayed as most of the users don't have a static IP


    SEMrush
    CAn Anyone tell me a Possible solution for this issue?.


    Thanks in Advance ,


    Regards,

    KOCHI
     
    KOCHI, Jun 7, 2005 IP
    SEMrush
  2. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,220
    Likes Received:
    778
    Best Answers:
    0
    Trophy Points:
    0
    #2
    That's a tough one.

    I'd force the use of cookies. Plenty of big sites that do just that. No cookies, no go.

    Alternatively yuo can ask for a 3d parameter besides user & pass, something that will change and can only be known by the original subscriber. You could e-mail them this month's newsletter with the 'pass key' of June in it or something. That way it requires regular logistics between the subscriber and his friends to keep the scam going. For most too much effort.
     
    T0PS3O, Jun 7, 2005 IP
  3. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    64
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Cookies are client-side data and can be forged. Using IP address will make it inconvenient for legitimate users, as they may get new address every time they connect (heck, AOL uses server farms and makes every HTTP request from a different IP address)

    I would track if there's more than one user/password combination currently logged in and if there is, would contact this user and notified them that they are violating TOS or simply not allowed multiple users like these to get in.

    J.D.
     
    J.D., Jun 7, 2005 IP
  4. vagrant

    vagrant Peon

    Messages:
    2,284
    Likes Received:
    181
    Best Answers:
    0
    Trophy Points:
    0
    #4
    if you are running C-panel on your server and the user only needs to log-in once per browser session then you could use Leech Protect i suppose.

    dont know if that is of any help but may work for what you need
     
    vagrant, Jun 7, 2005 IP