View User's Journal

Report This Entry Subscribe to this Journal

	The Events Log of Ami Sapphire Stuff just happens to me, huh?

	Using htaccess for evil.
	Using htaccess for evil.


The Backstory A popup screen prompts them to enter their username and password. This problem has been going on since April of 2008. People on Gaia (mostly newbies) were easily startled when they first saw it, so some of them typed that information in. Some point later, their items were taken, ghosted in some cases, and their account compromised, just to start the cycle again. Lather, rinse, repeat. Present Time After weeks of reading Questions and Assistance topics regarding this issue, and seeing a screenshot of one of the popups, I realized the scammers were using htaccess, supposedly with PHP. Confirmed to be PHP. That was about two weeks ago. Here is a screenshot (on my website, as it is too wide for Photobucket): The scamming website is edited out completely to prevent idiots from manually typing the site into the address bar. Note: At least Internet Explorer is more detailed with its htaccess settings. They post the scam link into profiles or journal entries as an image in this format: [img]http://scamming-site/scam.php[/img] in a post. In a forum's topic, a post or a signature. I think there's nothing Gaia can do about it unless PHP "image" linking is disabled on the site. Unfortunately, random signatures stem from PHP coding in that manner, and so many Gaians use that service. Special note: PHP is a server scripting language, not an image, hence the quotes on image after PHP. When I first saw this, I was like, "Yeah, you can type stuff in images... That's impossible." And I was right, seeing Internet Explorer's behavior with the popup. And the first thought that popped up was... htaccess. A thread showed such dialog screens where the main text was in partial Spanish, and the custom message was in English. This one I can answer. It's normal. Any dialog screen is displayed in the language the system is set on. The htaccess dialog is as well, except the custom message, hence the bilingual usage. -- Try this link and compare! Don't worry, this is only a private fanfiction archive with authentication: http://cwcyrix.no-ip.info/fhaven Hitting cancel at that screen only brings up a 401 error, meaning 'Authorization Required'. But it's the same thing, only this one requires one username and one password. I won't hand it out because this archive is set up for another small group. Before you yell out 'SCAAAMM!!!11!!!1!', re-read this paragraph. Truthfully, I've no useful information as to how this is done, other than they are using htaccess and PHP, and not an image. If I do indeed have more information, I will gladly edit this entry. Ami Sapphire* · Sat May 24, 2008 @ 08:54pm · 1 Comments


Ami Sapphire Community Member «Prev \| Next» Archive \| Home [04/19/11 08:52pm] [01/15/11 11:38am] [04/24/10 05:37am] [11/26/09 04:17am] [07/22/09 05:07pm] [07/12/09 06:16pm] [06/13/09 05:56pm] [05/22/09 01:21am] [04/21/09 05:59am] [04/07/09 07:17pm]

	User Comments: [1]
	User Comments: [1]


	Thanks for the information! I'd probably fall for that...D: I trust my internet too much. x] Offline Truffi · Community Member · Tue May 26, 2009 @ 03:53am

	User Comments: [1]
	User Comments: [1]

Offline

Black bugs & black inks - 500/500; Donators are mentioned on profile

[b:3df34fa86c]Quest Last Updated:[/b:3df34fa86c] 2013/07/09 [Finally finished!]
[spoiler:3df34fa86c]
[img:3df34fa86c]http://cwcyrix.no-ip.info/amiwiki.png[/img:3df34fa86c]
~IN BETA~
[/spoiler:3df34fa86c]
[img:3df34fa86c]http://cwcyrix.duckdns.org/Images/60dchot.png[/img:3df34fa86c]

Welcome to Gaia! :: View User's Journal | Gaia Journals

View User's Journal

More Information