Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
|
Looking for work? Have a job and looking for that right person to fill your position? Post your resumes and open positions here! Does your company provide a service that the industry needs? Post your service here. Video Editing, blog writing, encoding, programming, the works. |
|
Thread Tools |
10-17-2017, 07:09 PM | #1 |
Slowly dying
Industry Role:
Join Date: Sep 2012
Location: Padanaram
Posts: 3,091
|
How Would You Set This Up?
I'm setting up payment gateways. Subdomain with Wordpress, Page with API. This is for a project using a different script. Instead of going to submit.php they'd go to /paymentprocessor/submit.html and ReCaptcha would send them to /subdomain/submit.php
Wordpress would not retain any information as it's a steppingstone to the API. It's solely for ReCaptcha. Each processor would have a subdomain. Or, I could have them click submit.html, not in Wordpress, which goes to a non-Wordpress payment.php page, with all API code. No retention of information. I'd use SSL and retain nothing. If Wordpress is hacked, there is only one page with ReCaptcha on it. If any API pages are hacked, it's just plain source code. IF they hijack via hack, I have scripts that detect file changes and notifies me. I can set that up to notify my host, too, if certain pages are changed. They could just 404 the pages with "Maintenance" message until I can fix and find out how the hack was done. I'm sure people will say to leave it as is, use SSL, and don't add unnecessary shit. I agree but want ReCaptcha in there. Pop ups can be disabled so the user can't get to see ReCaptcha. Being gone for so long with so many code and security changes has me thinking before I act the wrong way. Bottom line is I don't want any action taken unless they solve ReCaptcha. No bookmarking the pages to login, sign up, submit or pay. I know, it sounds impossible, but there has to be a way. Like "if-ReCaptcha-posts-unsolved-redirect-to-ReCaptcha-page" or "direct-URL-not-allowed-redirect-to-ReCaptcha-Page". THIS would avoid subdomains, Wordpress and mean simple coding of a handful of pages or files. Coders, am I overthinking this, complicating this, or am I on the right track with the redirect code on php pages? |