PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Tue Sep 17, 2019 5:04 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Thu Nov 13, 2014 4:46 am 
Offline
Forum Newbie

Joined: Fri Aug 22, 2014 8:11 am
Posts: 3
Hello,

I have a very big problem with stolen data and i don't know how to STOP that.

The situation :

I have a website where i spend lot of time to register events and info on events (something like http://www.CoolEvents.com)
Users can log in and then comment events, and do other action when logged.

The PROBLEM :

Someone created AN IPHONE APPLICATION that is an EXACT copy of my website, and is name CoolEvent App !!!
Same infos, same comments, and you can log in via this app (parsing my site) and post comment on my website !

It's horrible for me, because 40% of my users now used this application (who earn money by displaying advertising).
So i losed 40% of visitors !!!

Without using legal channels, how can i STOP an IPHONE APP to parse my website or to acces to my website ?
Do you know a TECHNICAL solution to prevent an APP to PARSE and the copy my website ?
At least, is it possible to made it IMPOSSIBLE to log in to my website, and then be able to post comment on my site, by using this APP ?

Thanks for your help !!


Top
 Profile  
 
PostPosted: Thu Nov 13, 2014 4:40 pm 
Offline
Briney Mod
User avatar

Joined: Mon Jan 19, 2004 7:11 pm
Posts: 6446
Location: 53.01N x 112.48W
- Maybe do a check on your login page to make sure the POST request is coming from your site, not from somewhere else?
- Change the name of the username field to a random string, that is stored in the user's session. Then when a login occurs, check that POST variable. This way, you know you are only going to be allowing logins from your site - as a third party won't know what that random number is. Sure they could scrape you login page, but I doubt they're doing that every time.
- Depending on how the app is set up, it may be forwarding all requests through a central server. If that's the case, just block that IP or those IP ranges. If the requests coming from the app are coming from each individual's phone - then this won't work.

_________________
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group