Posted on March 24, 2000

  • Security. I’ve finally grown tired of the script kiddies with their little “hacking” programs. These programs basically bombard this server with login requests using a premade list of usernames and passwords. I’ve done some research into this and I’ve noticed that most of the hack programs do not support SSL.

    I’ve gone ahead and removed the “public” link to the member’s gallery from the homepage on this server, replacing it with a link to a page in a password protected area of my secure server. If you click the link on the homepage, you will be asked for your username and password as usual and once you have entered it you will be redirected to this page whereupon you will need to enter the username and password once more to continue. This should stop most of the crack attempts cold (though not all) because the crackers will not have a non-SSL URL against which to fling their login attempts. Their programs will not be able to use the URL I give them.

    Not a 100% solution, but it’s a start.

    You can get around all of that by bookmarking this page and not using the homepage link to access the members gallery. If you have any questions, concerns, or comments please write me. I’d remove the public link altogether, but I need to think of those members who only visit once in a great while and may not rembember (or have bookmarked) the proper URL. I apologize for any inconvenience this may cause, and I assure you that my actions are in the interest of better download speeds for all (and a better night’s sleep for me).