Jump to content

Holdfire Network; Client Area Design

Jordan

By Jordan
in Showcase Your Site

 Share

Recommended Posts

Jordan Senior Member

Jordan

Posted
  • Author
Posted

Ugh, I'm learning the hard way that you need to make sure you have your files CHMODd properly!

 

I just had someone gank my template design (my Mint javascript tracker notified me) and realized that by just typing in the .tpl URL, you could see everything :'(

 

So I CHMOD'd everything so the public can't access it. Forgetting this, FTL! :(

0
Link to comment
Share on other sites
MACscr Senior Member

MACscr

Posted
Posted
Ugh, I'm learning the hard way that you need to make sure you have your files CHMODd properly!

 

I just had someone gank my template design (my Mint javascript tracker notified me) and realized that by just typing in the .tpl URL, you could see everything :'(

 

So I CHMOD'd everything so the public can't access it. Forgetting this, FTL! :(

 

Whats scary about that is that the unethical thief runs a hosting business as well. Wonder what else he has stolen from clients. I bet we could figure it out if you posted the IP that stole it.

0
Link to comment
Share on other sites
Jordan Senior Member

Jordan

Posted
  • Author
Posted
Add this to your (document) root .htaccess file:

<Files "*.tpl">
Order Allow,Deny
Deny from All
</Files>

Prevents direct tpl viewing sitewide, no permissions to remember. ;)

 

You know what, I didn't even think of that! I was just in a rush to get a temporary fix up, because I've had two websites do this already and for the life of me I could not figure it out.

 

Though the 2nd one helped me realize this, because he was using my hosting company's logo too.. Which is NOT in my template file zip at mywhmcs. I figured he somehow managed to get a copy of it there, but definitely not the case.

 

Whats scary about that is that the unethical thief runs a hosting business as well. Wonder what else he has stolen from clients. I bet we could figure it out if you posted the IP that stole it.

 

So far both of the websites removed it once I contacted them, but one of them actually WAS using the template from licensepal.com. I contacted the host about MY template (which WAS http://www.paypalpk.com/clients/index.php?systemtemplate=dashboard) and shortly after it was removed from the website.

 

Of course I replied back about licensepal and once I sent that email, the /clients/ directory had been removed. The other offending website was http://acc.indonix.com/clientarea.php.

 

And wow, checking it now, Ironically enough, he's now stolen someone elses design! Jesus Christ, this guy does not give up. He stole the design from https://www.magdesign.co.uk (who I am contacting right now about this.)

0
Link to comment
Share on other sites
Jordan Senior Member

Jordan

Posted
  • Author
Posted

Bear, I already did name and shame! :P The first one who paypalpk.com, and I was in contact with the host, and he decided to delete the account entirely, because he didn't want to be associated with design theft.

 

The other user who stole was http://indonix.com, and as of right now he's password protected the subdomain http://acc.indonix.com with the title "My Secret Folder."

 

I contacted him, and the only result I had was him removing it instantly--never did reply back to me about anything.

0
Link to comment
Share on other sites
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept