For adult paysite owners and anyone operating a premium content or subscription based website, member authentication and password security is a vital consideration, as not only will hackers attempt to “guess” their way into your site, but your members will also do their best to share their logins far and wide, forcing you to take security seriously.
Here’s a brief look at several popular members’ area security offerings:
For adult paysite owners and anyone operating a premium content or subscription based website, member authentication and password security is a vital consideration.
Pennywize (Pennywize.com)
According to the company, its online fraud prevention and membership management system stops the sharing of accounts and blocks brute force and dictionary based attacks. Pennywize prevents excessive downloading through individual daily bandwidth caps; uses CAPTCHA to help prevent attacks; and monitors sessions to stop concurrent users. The system also provides an audit trail of member actions on your website.
PhantomFrog (PhantomFrog.com)
A perennial favorite among adult webmasters, Phantom-Frog incorporates several unique technologies, such as geo-IP monitoring and velocity tests, to help ensure that only authorized members are accessing your site’s content. Besides standard brute force protection, PhantomFrog integrates customer support and membership management for automatic password reissuance; prevents automated site ripping software; is compatible with content delivery networks (CDN); and allows bandwidth throttling for limited trials.
ProxyPass (Proxigence.com)
An Apache module designed to mitigate members’ area attacks on single servers and load-balanced clusters; Proxy-Pass claims to be the only enterprise-class solution to stop brute-force cracking and compromised account abuse. ProxyPass maintains rocksolid system stability during resource intensive attacks, while a highly optimized architecture and detection algorithms improve Apache server performance, member satisfaction and the total cost of server and content ownership.
Strongbox (BetterCGI.com/Strongbox/)
Offering a different approach to the problem of members’ area security, Strongbox eliminates weaknesses inherent in the basic “mod_auth” grey box pop-up, replacing that system with a special login page. Strongbox then replaces the usernames and passwords with secure tokens based on a session ID and system fingerprint; using this information along with other techniques, including proactive spidering, to combat password sharing.