LOL hope someone can help me fix it now. 
Topic: Closed (Read 311 times)
I have added .htaccess restriction to config.php, faucethub.php and function.php. allowed only server ip access.
then made new database user/pw/name.
regenerated api and changed it all. now only faucet has access to those files.
I hope this will restict and prevent stealing those access codes/api and sending info to thos files.
then made new database user/pw/name.
regenerated api and changed it all. now only faucet has access to those files.
I hope this will restict and prevent stealing those access codes/api and sending info to thos files.
That's good, but if you see any problem then Change your faucet script
my problem is that every faucet script ive used got botted eventualy. I think ive used 4 diffrent ones by now.
I like how it all works now and just want it more secure. I do get less claims in already now.
Now i like to find out if i close port 3306 for MySQL database will be even better. but just havent figured that out yet.
I have added .htaccess restriction to config.php, faucethub.php and function.php. allowed only server ip access.
then made new database user/pw/name.
regenerated api and changed it all. now only faucet has access to those files.
I hope this will restict and prevent stealing those access codes/api and sending info to thos files.
then made new database user/pw/name.
regenerated api and changed it all. now only faucet has access to those files.
I hope this will restict and prevent stealing those access codes/api and sending info to thos files.
That's good, but if you see any problem then Change your faucet script
I have added .htaccess restriction to config.php, faucethub.php and function.php. allowed only server ip access.
then made new database user/pw/name.
regenerated api and changed it all. now only faucet has access to those files.
I hope this will restict and prevent stealing those access codes/api and sending info to thos files.
then made new database user/pw/name.
regenerated api and changed it all. now only faucet has access to those files.
I hope this will restict and prevent stealing those access codes/api and sending info to thos files.
thanks for the warning. Site is no longer secure.
how do they steal api key?
do they read or download config file?
I just guess, because i can't find their address in my database. It could be local attack or do they read or download config file?
I think there is some problem in script because one more user asked me that he also facing same issue.. His faucet is draining continuously
how do they steal api key?
do they read or download config file?
I just guess, because i can't find their address in my database. It could be local attack or do they read or download config file?
how do they steal api key?
do they read or download config file?
do they read or download config file?
Closed
Jump to: