Hi Bert,
Yes, that sounds great, I'd implement that IP blocking code you
mention and tell the user that the files are password protected and
that anti-hacking software is active on the server.
All the Best
Dave
On 20 Jan 2009, at 14:45, Generic Email wrote:
The images are protected. Upon upload, a 12 digit password is
generated and given to the user in the form of the URL. Only
someone with that 12 digit number is able to view the image.
Someone could try and brute force the 12 digits. If this becomes an
issue, I will detect the attempted retrieval of some large number
of non-existent images and block the IP.
The images are easily accessible by someone with the secret key.
They don't even know that they are using the key, but they are. I
can make the key 100+ alpha/digits, but I will fix that problem if
it become one.
Your email points out the fact that I should inform the users of
this on my site, so that they can know what is being done to
protect their privacy. Thanks so much!
I really appreciate all of the feedback.
Bert
On Jan 20, 2009, at 7:35 AM, Dave wrote:
Hi,
I think you may run into problems if you are sending people's
screen shots to an unprotected server! Sounds like a hacker's
picnic to me!
Surely you should have at least a username and password to access
the images?
All the Best
Dave
On 19 Jan 2009, at 19:44, Kurt Kaufman wrote:
Mr. Email,
Nice, simple operation; no user setup involved. When you offer
the product publicly, I would suggest offering more information
about where the picture is posted (rather than simply "the
internet"), as some people might be a little uneasy about having
screen-shots sent to who-knows-where. Maybe a "More info." link
on the web site and a "More info." button from within the app
would suffice.
Nice job, and in only a couple of weeks!
-Kurt
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
