How do I make a 401 trap?
 

Hi -

As a paysite owner, I often get surfers attempting random username/password combinations to try to get access to my members areas. They end up on a generic 401 "unauthorized user" error page.

I'd like to have something else come up for that 401 instead - a hub page, an FPA, etc. How do I set up a file or files to do that? It's clearly not as simple as just naming a page "401.html" since I've tried that already. |badidea|

Thanks!

Don't "TRAP" them... remember half of them are your own members entering their PW incorrectly..

Give them a nice page that says they made a mistake.. or they need to signup for full access..

Create a page called 401.html

In your htaccess put


ErrorDocument 401 /401.html


Test it.. and your done

DD

I've inspected my error logs repeatedly over the past year, and not even counting the automated distributed brute-force hacking attempts, I'd say about 98 out of 100 are not my users making mistakes, but people seeing if any given user/pass combo will magically work to unlock the gates of paradise. |jackinthe

You certainly bring up a very good point though - no sense pissing off any paying customers. I'll make a page with a polite suggestion to check their typing and try again, but give a whole bunch of links to other sites/sponsors/FPAs as well.

Thank you, DangerDave! |waves|

What DD said about your 401 page. :)

If it is hacking that is a problem then have Strongbox installed. I just did on the site that I'm managing and it instantly put an end to this bullshit.

.

The "take-home message"

Without question StrongBox rocks...

Now where is that Wm affiliate program...? Ray?! :D

DD