FaucetBOX.com Discussion

[nipol]

I use your platform to make withdrawals for users.
I use self made faucet that uses also your script to make withdrawals.
Today I decided to use also a CF.
When CF is off I can see hte payments and links from my site to admin interface in FB here: "Hosts that used your API key".
When CF is on I can't see payments and links(((( - user's didn't receive payments (((
So I decided that is necessary to set your IP's in CF whitelist...

There's no place where your CloudFlare and FaucetBOX.com IPs interact, these are two different things.

What errors do your users see exactly CF on? Do you see any errors (especially "Banned: x.x.x.x") in your web server's error log?

I'm quite sure that you didn't configure Reverse Proxy properly in your Faucet in a BOX admin panel and no payments are made because it looks like all users are bots and aren't allowed to make payment. That has nothing to do with any whitelisting.

Users didn't see anything, they only see "Pending" status in history.

No any erors.

And I use from your script only config.php file and faucetbox.php file.

May be I must enter some IP's of CF to "security" section of your site here https://faucetbox.com/en/dashboard/security/acl ? But I didn't see errors like "401 - Disallowed IP"...

Once I switch off CF all works fine.

Advise, please, what to do.

Thank you!

[Kazuldur]

And I use from your script only config.php file and faucetbox.php file.

In that case it's even less likely it has anything to do with interaction between FaucetBOX.com and CloudFlare. If you're using your own script then the only thing that I can help you is with our library and API. What response do you get when calling $faucetbox->send("..."); in your script? That should point us to the real problem here

May be I must enter some IP's of CF to "security" section of your site here https://faucetbox.com/en/dashboard/security/acl ? But I didn't see errors like "401 - Disallowed IP"...

No. And if you're asking these questions then I strongly suggest you to stop using CloudFlare. If you rely on your visitors IP addresses (for example to limit how much they can claim from your faucet) and you don't understand how CloudFlare works, you will get hacked.


But once again. If it works with CloudFlare off and doesn't work with CloudFlare on, then the only possible thing is that your faucet script somehow stops even trying to connect with FaucetBOX.com to send reward. Usually that's because people don't handle their users' IP addresses properly with CloudFlare enabled and either share a timer between all their users (because it looks like all users are using the same IP address) or are banned by some antibot solution (like NastyHosts).

[yambub]

Upload this to your server and send me a link to it:
test.php

I completely disconnected cloudflare, and changed back the IP addresses a couple of days ago. Thanks, I uploaded the file to the same directory, so
http://friendsvps.org/wp-content/plugins/99bitcoins-btc-faucet/libraries/test.php

Cheers
Andy

[Kazuldur]

Upload this to your server and send me a link to it:
test.php

I completely disconnected cloudflare, and changed back the IP addresses a couple of days ago. Thanks, I uploaded the file to the same directory, so
http://friendsvps.org/wp-content/plugins/99bitcoins-btc-faucet/libraries/test.php

Cheers
Andy

As I thought, your hosting has cURL support, but it has misconfigured, missing or old CA file, so cURL works only for HTTP. You should contact your hosting and tell them that curl_exec fails when connecting to https://faucetbox.com and curl_error() returns "error setting certificate verify locations: CAfile: /etc/pki/ls/certs/ca-bundle.crt CApath: none". If they won't fix that, you can try setting 'local_cafile' => true, in your config.php file, but I don't recommend it. It would be much better if you can get your hosting to provide CA certificates properly.

EDIT: Also OpenSSL 1.0.1e has quite a few vulnerabilities (the latest is 1.0.1u, and there were only bug fixes between 1.0.1e and 1.0.1u as far as I know). That may not be a big problem when it's used as a client, but I'd be careful and consider changing hosting...

[yambub]

As I thought, your hosting has cURL support, but it has misconfigured, missing or old CA file, so cURL works only for HTTP. You should contact your hosting and tell them that curl_exec fails when connecting to https://faucetbox.com and curl_error() returns "error setting certificate verify locations: CAfile: /etc/pki/ls/certs/ca-bundle.crt CApath: none".

I thought, that's it now, sorted, but he says the error setting certificate verify locations is because:

"This is an error but don't get why because why its searching /etc/pki/ls/ there is no folder its /etc/pki/tls/ it's missing a t in the location, and this $error is found through cURL which has path to

    $ch = curl_init("https://faucetbox.com/faucetinabox/api/v1/version-check");

so the issue must be in their version-check, if it searching wrong directory,

I think a solution is close, one way or the other!
Guessing wildly in the dark again here, I set $verify_peer = true to false, being quite close to what you said about 'local_cafile' => true - I didn't want to try and write a whole new [statement? don't even know what they are called!] - anyway, that worked so it shows you're right about the other stuff. Setting it back to true again now cos I know it's abandoning verification altogether.
Thanks for all this, I appreciate your patience,
Andy

[Kazuldur]

I thought, that's it now, sorted, but he says the error setting certificate verify locations is because:

"This is an error but don't get why because why its searching /etc/pki/ls/ there is no folder its /etc/pki/tls/ it's missing a t in the location, and this $error is found through cURL which has path to

    $ch = curl_init("https://faucetbox.com/faucetinabox/api/v1/version-check");

so the issue must be in their version-check, if it searching wrong directory,

Change your hosting. They're either incompetent or just don't care and this "explanation" is just to make you go away. CAfile path is set either during compilation of OpenSSL (I doubt they changed that, they're probably using openssl from their distribution) or in php.ini using curl.cainfo (see http://php.net/manual/en/curl.configuration.php ).

The server (faucetbox.com) doesn't have any knowledge what's happening on client (your hosting) and doesn't have any way to set your CA file path. That would be a huge security hole...

You can try changing "https://faucetbox.com/faucetinabox/api/v1/version-check" to "https://google.com" in test.php. I wonder whether they'll try to claim Google has something wrong

I think a solution is close, one way or the other!
Guessing wildly in the dark again here, I set $verify_peer = true to false, being quite close to what you said about 'local_cafile' => true - I didn't want to try and write a whole new [statement? don't even know what they are called!] - anyway, that worked so it shows you're right about the other stuff. Setting it back to true again now cos I know it's abandoning verification altogether.
Thanks for all this, I appreciate your patience,
Andy

You should already have 'local_cafile' in your config.php file, you just have to change it from false to true (it won't affect the test.php file though, it will only work for your faucet). As you said, don't set $verify_peer = false;.

[Safi3529]

I Need Help !

Recently I Received this Message From Unknown Hacker .

" fullname: The Hacker
  email: zmkpexjf@clrmail.com
  message: Hello , I have a bitcoin faucet script that i can use to hack your website anytime i want to, but if you will pay me 0.05 bitcoins to this address 1Nfff9b6Ao9W5HpcCUz5h8oPPfxRGSDrw i will not hack your website anymore and leave you alone. If you decide to not cooperate and follow my demands i will make you regret your choices later.

Failure to reply to this email in 48 hours will have serious consequences.

 User's IP Address: 46.165.197.1 ( Maybe This is VPN ) .

===================
Please Help me , How to Block this Hacker ?

Thanks in Advance .

[Kazuldur]

I Need Help !

Recently I Received this Message From Unknown Hacker .

" fullname: The Hacker
  email: zmkpexjf@clrmail.com
  message: Hello , I have a bitcoin faucet script that i can use to hack your website anytime i want to, but if you will pay me 0.05 bitcoins to this address 1Nfff9b6Ao9W5HpcCUz5h8oPPfxRGSDrw i will not hack your website anymore and leave you alone. If you decide to not cooperate and follow my demands i will make you regret your choices later.

Failure to reply to this email in 48 hours will have serious consequences.

 User's IP Address: 46.165.197.1 ( Maybe This is VPN ) .

===================
Please Help me , How to Block this Hacker ?

Thanks in Advance .

There's nothing really you can do. My guesses are:

1. they really have found a vulnerability in your faucet and will somehow exploit it, but it doesn't stop them from doing this after you pay them
2. they'll just DDoS your faucet, but they'll just keep extorting you after you pay the first time
3. (most likely IMHO) they don't have any "script to hack your website"

So... don't pay and hope for the best.

EDIT: I do recommend though changing all your passwords, just to be sure.

[Kazuldur]

My Faucetbox Password OR Database Password ?

All of them. FaucetBOX.com password, database password, email password...

[Racey]

^ @Safi3529  Some information about the IP

https://www.stopforumspam.com/ipcheck/46.165.197.1

[Safi3529]

^ @Safi3529  Some information about the IP

https://www.stopforumspam.com/ipcheck/46.165.197.1

Thank You so much But How to Block this Hacker ?

Please Help me if someone know the method .

[Kazuldur]

^ @Safi3529  Some information about the IP

https://www.stopforumspam.com/ipcheck/46.165.197.1

Thank You so much But How to Block this Hacker ?

Please Help me if someone know the method .

There's no proof that he is a hacker. He's probably just lying to scare you into paying. Ignore him, that's the best way to block him.

[Safi3529]

He is a hacker because he withdraw 100 satoshi every second from my faucet while I give 30 satoshi per minute .

There is my faucet .

http://101freebitcoin.us

[Kazuldur]

He is a hacker because he withdraw 100 satoshi every second from my faucet while I give 30 satoshi per minute .

There is my faucet .

http://101freebitcoin.us

Did you write your faucet script yourself?

[Safi3529]

No . from Faucetbox Vr65 .

I just include login and register system

[Kazuldur]

No . from Faucetbox Vr65 .

I just include login and register system

https://faucetbox.com/en/security-guide

[ahmedjadoon]

You have taken down a-ads ad spot on your website so please remove Ad Unit #241774 from a-ads.

[Kazuldur]

You have taken down a-ads ad spot on your website so please remove Ad Unit #241774 from a-ads.

How can I do that? I didn't find such option on a-ads unfortunately.

[alfaboy23]

Good day fellas!

This last few days, everytime I access Faucetbox.com to check my wallet address in my mobile browser, I'm redirected into this:


Anyone experienced this on Faucetbox?

[Kazuldur]

Good day fellas!

This last few days, everytime I access Faucetbox.com to check my wallet address in my mobile browser, I'm redirected into this:

Anyone experienced this on Faucetbox?

Huh, the new ad network we're using must be doing that. I'll see what we can do to fix that (in worst case we'll change the network, such redirects are unacceptable for us).