For those who are using Rapidshot script. BEWARE!!!

The script is pretty crappy. I have seen it before. You should be using a script that stores everything in a mysql database at least. That way make it much harder to steal the info. I used to have one like that somewhere for one of my sites. But its a real pain keeping up with these sites like that. They eat tons of bandwith.

 

I've been running a private service based on this script successfully for over a year now

 

This is very profitable business
I earn around $10+/day from adsense alone
Looking to increase revenue by installing PPI

 

It definitely IS profitable, but in my case, I don't earn as much as I spend
Maybe because I don't do it for a profit

 

i used it before and got my acc hacked!! so i found the trick in the php file....

just send me all your rapidshot files and i return them to you without the trick !

 

no fix needed. simply install it as the instructions say and all is fine.
if you install stuff sloppily its your own fault.

i can only quote my own post from before...


BTW- rapidshot5 will soon have a successor. be prepared. as far as i know it is already created and will be released soon.

 

Where can you get the script?

 

Hi,

Thanks for the valuable information.

Regards,
Srinivas.

 

Anyone want to update their protection or want some modification, just talk to me

 

I'm using Rapidleech, but I'll manually add accounts to it, Now I want to test the Rapidshot.

Can any one suggest me which one is better and why?
And also which one is more secure and how?

Thanks...

 

you should have locked the account so, password could not be changed

 

Which hosting do you'll use for Rapid shot.

And how much does it cost to host it.

 

Without a proper dedicated server, rapidshot script hosters/owners won't survive for more than a couple weeks. It uses a lot of server resources (not just bandwidth)

 

i don't think the script was installed sloppily, the rapidshot script is a damn fine script, with speed and efficiency in account rotation in mind. furthermore, using folders as a method for account storage was the only option, since using mysql would cause too many sql connections error.

however, even when i have checked and double-checked my own script, some son-of-a-b somehow managed to upload (even though i don't have an input form anywhere for that) a jpg file which was actually a rar file full of some credit card hacking files, into the root folder. dunno how they managed to do it, even with a highly secured htaccess. there wasn't any hack-evident result, the site didn't go offline or anything. however i have been forced to harden the htaccess even further. i'm wondering, how could they have done this, upload files to the server. i don't use idiotic passwords, and i don't give the password to ftp to anyone...there some serious lack of hacking knowledge on my part that i'm not figuring out that leads to this, even tho i do follow the usual php guidelines to prevent sql injections.

all-in-all i don't think renaming folders is going to do you much good (security by obscurity) although it does help not to leave an open door to your burglar. properly cleansing user input and so on is the way to do it, otherwise you'll get hacked eventually.