Topic: Security patch for Xapo faucet script (Read 336 times)

hero member
Activity: 504
Merit: 501
August 06, 2016, 01:27:24 AM
#6
reserved
hero member
Activity: 504
Merit: 501
August 06, 2016, 01:27:08 AM
#5
reserved
hero member
Activity: 504
Merit: 501
August 06, 2016, 01:26:59 AM
#4
reserved
hero member
Activity: 504
Merit: 501
August 04, 2016, 05:58:12 PM
#3
 Security Patch v1.3


Put this .htaccess in root: http://bitcoinfaucetrelay.com/wp-content/uploads/2016/08/htaccess.zip




This blocks Russia, TOR and most VPN, then redirects to another page of your choice when detected; also speeds up your site.
hero member
Activity: 504
Merit: 501
August 04, 2016, 05:44:05 PM
#2
Security Patch V1.2:

Go to index.php in the main root and find this:

Code:
$response = @file('http://verify.solvemedia.com/papi/verify?privatekey=' . $settings['solvemedia_verification_key'] . '&challenge=' . rawurlencode($captchaChallange) . '&response=' . rawurlencode($captchaResponse) . '&remoteip=' . $ip);

  if (!isset($response[0]) || trim($response[0]) === 'false'){
    $view['main']['result_html'] = '

Wrong captcha!

';
    $message                     = "Wrong captcha";
  }
 
$q = $sql->prepare("select * from users where LOWER(username) = LOWER(?) or ip = ? order by claimed_at desc");
  $q->execute(array($username,$ip));
  $row = $q->fetch();

Put this code right underneath the one you find above:

Code:
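//We do not allow proxy here
// Connect back to the visitor's IP on port 80 (1 second timeout);
// if the port answers, the visitor is treated as a proxy.
// fsockopen() argument order: host, port, &error_code, &error_message, timeout
$proxySock = @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 1);
if ($proxySock)
{
  fclose($proxySock); // close the probe connection instead of leaking it
  $view['main']['result_html'] = '

Bots not allowed !! If you are not a bot and not on a proxy, i still cant help you !

';
    $message                     = "Proxy";
    goto error;
  }
  //end proxy check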

This will stop proxies and throw a message as you can see in the picture
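The connect-back check in Patch V1.2, wrapped as a reusable function. This is an added example, not code from the original post or the faucet script; `visitor_has_open_port()` and its `$connect` parameter are hypothetical names, and the sample addresses are constructed.

```php
<?php
// Added example: hypothetical helper, not part of the faucet script or the patch.

/**
 * True when $ip accepts a TCP connection on $port: the signal the patch
 * treats as "proxy". $connect is injectable so the logic runs offline.
 */
function visitor_has_open_port(string $ip, int $port = 80, float $timeout = 1.0, ?callable $connect = null): bool
{
    // Probe only public addresses; never connect to private or reserved
    // ranges, or to anything that is not a literal IP.
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
        return false;
    }
    // fsockopen() expects IPv6 literals in square brackets.
    $host = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) ? "[$ip]" : $ip;

    $connect = $connect ?? static function (string $host, int $port, float $timeout) {
        // Argument order: host, port, &error_code, &error_message, timeout.
        return @fsockopen($host, $port, $errno, $errstr, $timeout);
    };

    $sock = $connect($host, $port, $timeout);
    if ($sock === false) {
        return false; // closed, filtered, or no answer within the timeout
    }
    if (is_resource($sock)) {
        fclose($sock); // release the probe connection
    }
    return true;
}

// Constructed inputs: stub connectors stand in for the network.
$open   = static fn($host, $port, $timeout) => fopen('php://memory', 'r');
$closed = static fn($host, $port, $timeout) => false;

var_dump(visitor_has_open_port('8.8.8.8', 80, 1.0, $open));      // public IP, port answers
var_dump(visitor_has_open_port('8.8.8.8', 80, 1.0, $closed));    // public IP, port closed
var_dump(visitor_has_open_port('192.168.1.10', 80, 1.0, $open)); // private range: not probed
var_dump(visitor_has_open_port('not-an-ip', 80, 1.0, $open));    // rejected before any probe
```

An open port 80 on the visitor's address is only a heuristic: home routers and self-hosted servers also answer there, and proxies that do not listen on port 80 pass. Each probe can also add up to the timeout to the request.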


hero member
Activity: 504
Merit: 501
August 04, 2016, 05:20:39 PM
#1
Ok guys, there is another hack that can be fixed by replacing this code in your index.php file, not the one in style.


 Patch V1.1


Find this code:
Code:
if($response->success){
      $view['main']['result_html'] = '

Congratulations you have won '.$amount.' Satoshis !!!

';
      $url = get_main_url()."?r=".$username;
      $view['main']['ref_link'] = '

Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'

';

and replace with this


Code:
if($response->success){
      // Send the browser back to the faucet page after 30 seconds so the captcha resets
      header('Refresh: 30;url=change to your faucets url');
      $view['main']['result_html'] = '

Congratulations you have won '.$amount.' Satoshis !!!

';
      $url = get_main_url()."?r=".$username;
      $view['main']['ref_link'] = '

Share your referal link and earn a '.$settings["referral_percentage"].'% lifetime bonus. Your referal link is '.$url.'

';

This redirects back to your page after 30 seconds so that the captcha resets, so that an imacro program cannot be programmed to just refresh and get credit every hour when they are sleeping. I would suggest doing this immediately! Make sure you put your faucet address where it says change to your faucet url.