|
onewiseguy
|
 |
May 13, 2015, 11:11:13 PM |
|
I've got a second report from a faucet owner that he has been hacked. So once again: keep your api key secret, don't keep too much coins, use a hosting that you trust.
2 hacked users out of 2000 isn't a lot, but still that's 2 users too many. We'll slowly start rolling out more security options in near future, but really there's nothing we can do if someone gets an access to your server.
please offer 2 factor option for your site. that would secure it better, also if most faucet owners have a hosting it would most likely be a shared hosting, (since its cheaper) and there script must be bad, not the hosting. if it was hosting and they got access to it they would go to bigger sites. if your are planning a future update consider two factor for your site. |
|
|
|
|
|
Muhammed Zakir
|
|
May 14, 2015, 05:57:54 AM |
|
I've got a second report from a faucet owner that he has been hacked. So once again: keep your api key secret, don't keep too much coins, use a hosting that you trust.
2 hacked users out of 2000 isn't a lot, but still that's 2 users too many. We'll slowly start rolling out more security options in near future, but really there's nothing we can do if someone gets an access to your server.
please offer 2 factor option for your site. that would secure it better, also if most faucet owners have a hosting it would most likely be a shared hosting, (since its cheaper) and there script must be bad, not the hosting. if it was hosting and they got access to it they would go to bigger sites. if your are planning a future update consider two factor for your site. Please offer Bitcoin message signing as 2FA like a-ads. You can use a java code* for verifying signed messages and also try integrating Clef. https://bitcointalk.org/index.php?topic=965220.0* Such as https://github.com/brainwallet/brainwallet.github.io/blob/master/js/bitcoinsig.js |
|
|
|
ONLYfree
Legendary
 Offline
Activity: 1288
Merit: 1000
|
|
May 14, 2015, 01:58:32 PM |
|
I've got a second report from a faucet owner that he has been hacked. So once again: keep your api key secret, don't keep too much coins, use a hosting that you trust.
2 hacked users out of 2000 isn't a lot, but still that's 2 users too many. We'll slowly start rolling out more security options in near future, but really there's nothing we can do if someone gets an access to your server.
please offer 2 factor option for your site. that would secure it better, also if most faucet owners have a hosting it would most likely be a shared hosting, (since its cheaper) and there script must be bad, not the hosting. if it was hosting and they got access to it they would go to bigger sites. if your are planning a future update consider two factor for your site. Please offer Bitcoin message signing as 2FA like a-ads. You can use a java code* for verifying signed messages and also try integrating Clef. https://bitcointalk.org/index.php?topic=965220.0* Such as https://github.com/brainwallet/brainwallet.github.io/blob/master/js/bitcoinsig.jsI vote for simple 2FA with email. To login you have to insert code received in registered email. |
-2: -1 / +0
Warning: Trade with extreme caution!
|
|
|
|
Muhammed Zakir
|
|
May 14, 2015, 02:19:37 PM |
|
I've got a second report from a faucet owner that he has been hacked. So once again: keep your api key secret, don't keep too much coins, use a hosting that you trust.
2 hacked users out of 2000 isn't a lot, but still that's 2 users too many. We'll slowly start rolling out more security options in near future, but really there's nothing we can do if someone gets an access to your server.
please offer 2 factor option for your site. that would secure it better, also if most faucet owners have a hosting it would most likely be a shared hosting, (since its cheaper) and there script must be bad, not the hosting. if it was hosting and they got access to it they would go to bigger sites. if your are planning a future update consider two factor for your site. Please offer Bitcoin message signing as 2FA like a-ads. You can use a java code* for verifying signed messages and also try integrating Clef. https://bitcointalk.org/index.php?topic=965220.0* Such as https://github.com/brainwallet/brainwallet.github.io/blob/master/js/bitcoinsig.jsI vote for simple 2FA with email. To login you have to insert code received in registered email. I never liked email 2FA. It is insecure IMHO. Different people have different suggestions. Having three or four options of 2FA wouldn't be a bad idea. Email, Bitcoin signed message, Google 2FA and Clef. |
|
|
|
Kazuldur (OP)
Legendary
Offline
Activity: 971
Merit: 1000
|
|
May 14, 2015, 04:04:08 PM |
|
What we were thinking about was 2FA using message signing, OTP (Google Authenticator / Authy) or email tokens (selectable like in LastPass), but I'll bring the Clef suggestion to my coworkers  . |
Unless stated otherwise, all opinions are of my own, not FaucetBOX.com's.
|
|
|
|
onewiseguy
|
|
May 14, 2015, 04:56:36 PM |
|
What we were thinking about was 2FA using message signing, OTP (Google Authenticator / Authy) or email tokens (selectable like in LastPass), but I'll bring the Clef suggestion to my coworkers . all of these would be nice if you added than any one can choose what they like. |
|
|
|
|
|
Dobrii
|
|
May 14, 2015, 05:46:55 PM |
|
How to change password on faucetbox.com ?
|
|
|
|
|
Kazuldur (OP)
Legendary
Offline
Activity: 971
Merit: 1000
|
|
May 14, 2015, 06:23:01 PM |
|
How to change password on faucetbox.com ?
https://faucetbox.com/password-reset |
Unless stated otherwise, all opinions are of my own, not FaucetBOX.com's.
|
|
|
|
yvesp110
|
|
May 16, 2015, 01:25:43 AM |
|
Is there a way u can do something we can stay logged into our faucet account on faucetbox wow every 15 min i have to relogg in that is getting anoying before i could stay log in for 1 day now i go check stats or others 15 min later i am off
|
|
|
|
|
Kazuldur (OP)
Legendary
Offline
Activity: 971
Merit: 1000
|
|
May 16, 2015, 07:56:18 AM |
|
Is there a way u can do something we can stay logged into our faucet account on faucetbox wow every 15 min i have to relogg in that is getting anoying before i could stay log in for 1 day now i go check stats or others 15 min later i am off
You shouldn't have to relogg until you close your browser, so that looks like a bug. We'll look into that. Can i create a new page with php code inside?
The script by default searches on mysql for pages, and the html content of the page is stored also in mysql.
So what can i do to create a new page but with php code not just html?
iframe could do the trick, but i would like to avoid that.
You can't without modifying the script. |
Unless stated otherwise, all opinions are of my own, not FaucetBOX.com's.
|
|
|
nano-btc
Member
Offline
Activity: 98
Merit: 10
Faucet owner
|
|
May 16, 2015, 08:56:18 AM |
|
Hi Kazuldur, I recently changed my site and I would like to get fast approve So, can you please approve my site http://nano-btc.website ? No Pop Ups or redirects, 0.01+ balance and button is there  |
|
|
|
|
|
yvesp110
|
|
May 16, 2015, 04:51:36 PM |
|
Hi Kazuldur, I recently changed my site and I would like to get fast approve So, can you please approve my site http://nano-btc.website ? No Pop Ups or redirects, 0.01+ balance and button is there Yes clean faucet now and I see u got ur adsense in congrats |
|
|
|
|
nano-btc
Member
Offline
Activity: 98
Merit: 10
Faucet owner
|
|
May 16, 2015, 04:55:09 PM |
|
Hi Kazuldur, I recently changed my site and I would like to get fast approve So, can you please approve my site http://nano-btc.website ? No Pop Ups or redirects, 0.01+ balance and button is there Yes clean faucet now and I see u got ur adsense in congrats Thanks, finally something positive from you!  |
|
|
|
|
|
yvesp110
|
|
May 16, 2015, 06:03:23 PM |
|
Hi Kazuldur, I recently changed my site and I would like to get fast approve So, can you please approve my site http://nano-btc.website ? No Pop Ups or redirects, 0.01+ balance and button is there Yes clean faucet now and I see u got ur adsense in congrats Thanks, finally something positive from you! no problem but ur a funny person I even told u on ur adsense post on here in bitcointalk how to get accepted anyway positive when it is due but guess u were waiting all that time for adsense cause u never really read e-mail when they told u how to do it until u read my post But even faucet is clean they will not rush ur listing u have to wait in line like others so many scew up from u i dont think the admin has to rush it |
|
|
|
|
nano-btc
Member
Offline
Activity: 98
Merit: 10
Faucet owner
|
|
May 16, 2015, 06:18:42 PM |
|
Hi Kazuldur, I recently changed my site and I would like to get fast approve So, can you please approve my site http://nano-btc.website ? No Pop Ups or redirects, 0.01+ balance and button is there Yes clean faucet now and I see u got ur adsense in congrats Thanks, finally something positive from you! no problem but ur a funny person I even told u on ur adsense post on here in bitcointalk how to get accepted anyway positive when it is due but guess u were waiting all that time for adsense cause u never really read e-mail when they told u how to do it until u read my post But even faucet is clean they will not rush ur listing u have to wait in line like others so many scew up from u i dont think the admin has to rush it I just only changed some info on FaucetBox so I think I can get approved faster than others with new faucets, but that's only my opinion |
|
|
|
|
|
yvesp110
|
|
May 16, 2015, 06:24:03 PM |
|
Hi Kazuldur, I recently changed my site and I would like to get fast approve So, can you please approve my site http://nano-btc.website ? No Pop Ups or redirects, 0.01+ balance and button is there Yes clean faucet now and I see u got ur adsense in congrats Thanks, finally something positive from you! no problem but ur a funny person I even told u on ur adsense post on here in bitcointalk how to get accepted anyway positive when it is due but guess u were waiting all that time for adsense cause u never really read e-mail when they told u how to do it until u read my post But even faucet is clean they will not rush ur listing u have to wait in line like others so many scew up from u i dont think the admin has to rush it I just only changed some info on FaucetBox so I think I can get approved faster than others with new faucets, but that's only my opinion no they originally deleted u for all the nasty popups u had that had virus in it and u been a jerk instead appreciating help u got on another thread u shit on people |
|
|
|
|
Racey
Legendary
Offline
Activity: 1134
Merit: 1000
Soon, I have to go away.
|
|
May 16, 2015, 06:37:26 PM |
|
What is this for?  |
And its gone.
|
|
|
nano-btc
Member
Offline
Activity: 98
Merit: 10
Faucet owner
|
|
May 16, 2015, 06:42:50 PM |
|
You can lock your payout threshold, because without it, anyone can change it
|
|
|
|
|
Racey
Legendary
Offline
Activity: 1134
Merit: 1000
Soon, I have to go away.
|
|
May 16, 2015, 09:17:08 PM |
|
You can lock your payout threshold, because without it, anyone can change it
Thanks nano I can lock it and unlock, when I want ? when I reach my threshold I can then unlock to set it higher, no need for anything else like signing my wallet adress? as I have tried that before and can never manage to sign it, I have missed out on my balances from sites that wanted it this way. |
And its gone.
|
|
|
Kazuldur (OP)
Legendary
Offline
Activity: 971
Merit: 1000
|
|
May 16, 2015, 09:22:11 PM |
|
You can lock your payout threshold, because without it, anyone can change it
Thanks nano I can lock it and unlock, when I want ? when I reach my threshold I can then unlock to set it higher, no need for anything else like signing my wallet adress? as I have tried that before and can never manage to sign it, I have missed out on my balances from sites that wanted it this way. When you lock it once, you can't unlock it anymore. Once you lock it, you'll have to sing a new message each time you want to change your threshold. |
Unless stated otherwise, all opinions are of my own, not FaucetBOX.com's.
|
|
|
|
