Looking For Scripts

[ubergal]

Hello,

 

I am looking for a few of things.

I have a password protected member zone and would like to:

1) protect images & pages from hotlinking or otherwise being "stolen"

2) prevent password "attacks"

3) track what each user is looking at/downloading

 

Verotel handles payment and member/password creation - but they don't provide any of these extras.

 

I'd appreciate if someone could steer me in the right direction.

 

(free scripts would be great, but any info is welcome)

 

Thanks

übergal

[HCSuperStores]

Hi,

 

I've hadled all of what you have put down, but using custom scripts as the applicatoin is different for everyone.

 

The "hotlink" protection can be accomplished by utilizing the protection under Cpanel. So there are really no scripts needed for this.

 

The password "attack" ... I'll assume you mean people trying to guess, over and over again, someone's password. This is really part of an entire package that goes along with a database managed ID and password architecture. Again, what I have is custom for my needs and not documented all together that well. To prevent hacking of this sort, you can flag the IP address after 3-5 tries and shut down access for 15 minutes to hours for that particular ID.

 

For tracking, I created a custom script that I could pass a message to and a user ID when users go to certain pages. The script then logs the IP address, time stamp, the message (what they were doing) and other info.

 

I'm not sure if I'm really helping by posting this. Maybe someone out there has a script that does what you want. If you get stuck we can talk more via PM or IM. Let me know.

[surefire]

1) protect images & pages from hotlinking or otherwise being "stolen"

 

Not possible without forcing users to download a custom browser designed to make it difficult to steal your images. As soon as you load a page on the web, the image is downloaded to your computer. Someone with a little knowledge can easily find the image on your computer. There are a whole host of things you can do to frustrate and fool newbies.

[ThumpAZ]

Using the Hotlink protection in cPanel will disable the ability to hotlink images.

Using the nocache pragma in your html head will work for several browsers to keep them from caching the page (temporary internet files), but this is limited by certain browsers, and has a problem with larger pages.

There are all sorts of free scripts that will allow you to disable the right click on a page so someone cannot save the images and such on the page.

There is not, however, a way to universally disable the View Source or Print functions in a browser.

 

To better track your users, you will need to develop basically the same thing as a CartID that is triggered when a user enters the member's only area of your site.

 

Hope some of this helps, even though I have sent you nowhere specific, you now should have ideas of what to look for. As HCSS said... some of this will have to be custom built to suit your site.

[ubergal]

Hmm, okay...

As you can probably tell, I'm a newbie to all of this.

Let's see if I even know what I'm talking about...

 

I'm assuming that "hotlinking" means someone is providing a link directly to, say, an image or a member zone page. Thinking about it logically, the usr/psswd login popup should keep that sort of thing from working in the member zone, right? Anything outside of the member zone I could use the Cpanel hotlink protection.

 

Password "bombardment" protection and user tracking sound more complicated - for someone who doesn't know how to program that kind of thing. I guess I'm looking for something I can easily "plug in".

 

Thanks for the helpful hints you guys have provided.

 

übergal

[HCSuperStores]

I think hotlinking actually does a check to see if the "image" requested is actually being requested from a page that exists on the server.

 

There might be a password untility program out there, but seeing that this information is usually sensitive, I'd be hard pressed on using anything I wasn't sure was secure. IMO of course.