Pages:
Author

Topic: FaucetBOX.com Discussion - page 156. (Read 237020 times)

legendary
Activity: 971
Merit: 1000
June 21, 2015, 04:31:09 PM
#13
Either way, it seems pretty easy to implement. Just checking against the referrer and returning to the homepage if it was found to be elsewhere should be sufficient.
Something like this maybe:
Code:
if($_SERVER['HTTP_REFERER'] != 'http://yoursitewhatever.com'){
header('Location: /');
}
Once the form has submitted (~line 1138 on index.php).

I'm not that good with PHP, but I think that
Code:
header('Location: /');
won't end the script. So it will send the coins either way and only redirect to main page after that.
Code:
header('Location: /'); die();
should work though.
legendary
Activity: 971
Merit: 1000
June 21, 2015, 04:29:10 PM
#12
It's a risk for the Faucet in a Box script.
I can use the form of the faucet and shows on a empty site without advertising. The "form action" is located to the faucet site.

Captchas will block that. At least ReCaptcha, SolveMedia and Are you a Human. However we'll think about that on next release, thanks Smiley.
legendary
Activity: 2352
Merit: 1268
In Memory of Zepher
June 21, 2015, 04:15:59 PM
#11
It's a risk for the Faucet in a Box script.
I can use the form of the faucet and shows on a empty site without advertising. The "form action" is located to the faucet site.

Cheers
Salmen
The only problem that I can think of with that is that they would skip over a page with ads and get past the anti-adblock script. Plus, wouldn't they just be stopped by the captcha?

Either way, it seems pretty easy to implement. Just checking against the referrer and returning to the homepage if it was found to be elsewhere should be sufficient.
Something like this maybe:
Code:
if($_SERVER['HTTP_REFERER'] != 'http://yoursitewhatever.com'){
header('Location: /');
}
Once the form has submitted (~line 1138 on index.php).
legendary
Activity: 1059
Merit: 1020
June 21, 2015, 04:00:05 PM
#10
Has the Faucetbox Script an CSRF protection?

If you're asking about Faucet in a Box script, then no, there's no CSRF protection.

If you're asking about FaucetBOX.com itself, then yes, there's a CSRF protection. You can also enable MFA, that will also prevent any CSRF in case our protection fails.

are payments which time usually processed ?

It's random, but always at least once every 48 hours. Usually it's about every 24 hours.
It's a risk for the Faucet in a Box script.
I can use the form of the faucet and shows on a empty site without advertising. The "form action" is located to the faucet site.

Cheers
Salmen
legendary
Activity: 971
Merit: 1000
June 21, 2015, 03:56:33 PM
#9
Has the Faucetbox Script an CSRF protection?

If you're asking about Faucet in a Box script, then no, there's no CSRF protection.

If you're asking about FaucetBOX.com itself, then yes, there's a CSRF protection. You can also enable MFA, that will also prevent any CSRF in case our protection fails.

are payments which time usually processed ?

It's random, but always at least once every 48 hours. Usually it's about every 24 hours.
full member
Activity: 140
Merit: 100
June 21, 2015, 10:35:15 AM
#8
are payments which time usually processed ?
legendary
Activity: 1059
Merit: 1020
June 21, 2015, 09:24:00 AM
#7
Hello,
Has the Faucetbox Script an CSRF protection?

Cheers
Salmen
newbie
Activity: 42
Merit: 0
June 20, 2015, 05:23:31 PM
#6
I love the faucetbox service and I am using them to run and host over 20 bitcoin faucets.

They have the best support and great features.

Keep up the great work dev!
You are doing the crypto community a great service.

I really mean that.
legendary
Activity: 971
Merit: 1000
June 20, 2015, 04:09:48 PM
#5
1. more time for received a withdraw

Just as minifrij said (thanks), we must do that to keep network fees low. We try to be as reliable as possible to counterweight that Smiley

2. the list of faucet not is update, more is dry

That's weird, dry faucets should be taken down automatically on first "Insufficient funds" error. Can you give me an example?
legendary
Activity: 2352
Merit: 1268
In Memory of Zepher
June 20, 2015, 03:23:01 PM
#4
I don't like two option of faucetbox

1. more time for received a withdraw

2. the list of faucet not is update, more is dry
1. When handling withdrawals, they must be done within a large period of time in order to lower transaction fees. By handling withdrawals every 24-48 hours, the amount FaucetBox has to pay is cut down significantly.

2. Due to the sheer amount of faucets on the list, I imagine that to constantly update it would be difficult. Give it a bit of patience and I have no doubt the dry/not working faucets will be removed.
legendary
Activity: 1316
Merit: 1001
June 20, 2015, 03:18:31 PM
#3
I don't like two option of faucetbox

1. more time for received a withdraw

2. the list of faucet not is update, more is dry
legendary
Activity: 971
Merit: 1000
June 20, 2015, 11:58:12 AM
#2
Someone told me in private that have kind of "bots detector"..

Kazuldur - can you with professional eye say something about that..? In my opinion if someone have bot can join referrals under bot and it is impossible to separate just one-bot address..

Edit: I mean if you block one btc address - under can be another..

Can someone explain me that? I will be more happy if there is some script or program.. but any info will be very helpful ofcourse!

I would be sceptic. While it is possible to detect some patterns and classify them as bot/not bot, it would be quite sophisticated and never perfect.

The best one can do is to use a decent captcha system Smiley
legendary
Activity: 971
Merit: 1000
June 20, 2015, 11:56:01 AM
#1
July 26th incident info

In short: FaucetBOX.com's database server crashed and it isn't working currently. We expect to be back up tomorrow. All your data and funds are safe, but FaucetBOX.com isn't accessible until the problem is fixed.

FaucetBOX.com should work correctly now. If you experience any problems (especially with incorrect data), please let me know via PM.

Payouts won't be processed today (27th July). We'll process them tomorrow evening UTC (28th July),

More information:
Pages:
Jump to: