Its me again .. there are still one thing what i don't like ... i will try to explain as good as i can in english ...
Example:
Your Xapo Faucet has a Cooldown (Timer) of 15minutes until next claim is allowed.
OK here we go - a Visitor enter your Faucet solve the Captcha and Claim .. he stays on your really cool Site .. and after 15 minutes he can press F5 (Refresh) in browser .. a small window pops-up
and ask if you want to send the Formular again (dont know how it is called in english - see screenshot in German)
If you answer with Yes .. the Browserwindows reloads/refreshs .. and you have automaticly claimed - without enter the Captcha again...
Now if a Black-hat have found a way how to disable the timer (ok we dont allow rightclicks and so on now ) he has only press F5 press Enter all time long .. and is happy ..
I am not a hero in Webdesign nor php .. but maybe a solution is to set the cookielifetime to 5mins ? or has it something to do with the session ? .. any ideas ?
Example:
Your Xapo Faucet has a Cooldown (Timer) of 15minutes until next claim is allowed.
OK here we go - a Visitor enter your Faucet solve the Captcha and Claim .. he stays on your really cool Site .. and after 15 minutes he can press F5 (Refresh) in browser .. a small window pops-up
and ask if you want to send the Formular again (dont know how it is called in english - see screenshot in German)
If you answer with Yes .. the Browserwindows reloads/refreshs .. and you have automaticly claimed - without enter the Captcha again...
Now if a Black-hat have found a way how to disable the timer (ok we dont allow rightclicks and so on now ) he has only press F5 press Enter all time long .. and is happy ..
I am not a hero in Webdesign nor php .. but maybe a solution is to set the cookielifetime to 5mins ? or has it something to do with the session ? .. any ideas ?
Let me see if one of Xapo sites like you say where I can actually use the F5 and reclaim without a Captcha. BRB on that this one.
I have 2 Xapo Wallet sites open ( MoonBitco.in and Whalebitco.in ) and one none Xapo site open ( Claim BTC ) will run the F5 command in 2 minutes.
Ok I run the F5 command on all 3 sites and they give me the same results ( Incorrect Captcha )
Are we dealing with a weakess in the F5 Command for @Gifted's script. As I thought we had solved this previously and it was addressed by @Gifted.
I am old and sea-nile and I tend to forget what i just said so I maybe wrong.