Irmozo Posted November 13, 2014 Share Posted November 13, 2014 Hello,I have a very big problem with stolen data and i don't know how to STOP that.The situation :I have a website where i spend lot of time to register events and info on events (something like www.CoolEvents.com)Users can log in and then comment events, and do others actions when logged.The PROBLEM :Someone created AN IPHONE APPLICATION that is an EXACT copy of my website, and is name CoolEvent App !!!Same infos, same comments, and you can log in via this app (parsing my site) and post comment on my website !It's horrible for me, because 40% of my users now used this application (who earn money by displaying advertising).So i losed 40% of visitors !!!Without using legal channels, how can i STOP an IPHONE APP to parse my website or to acces to my website ?Do you know a TECHNICAL solution to prevent an APP to PARSE and then copy my website ?At least, is it possible to made it IMPOSSIBLE to log in to my website (and so be able to post comment on my site) by using this APP ?Thanks for your help !! Quote Link to comment https://forums.phpfreaks.com/topic/292434-website-stolen-by-iphone-app/ Share on other sites More sharing options...
priti Posted November 13, 2014 Share Posted November 13, 2014 - Change your database and other credentials first and do not share with anyone. Please note you may need to change in on website configuration as well. - In case, you are have API, use API credentials Also, I think you can ask iphone app support and enquire about the owner of the app as everyone has to register on site before making it availabel on app store. Quote Link to comment https://forums.phpfreaks.com/topic/292434-website-stolen-by-iphone-app/#findComment-1496470 Share on other sites More sharing options...
ignace Posted November 13, 2014 Share Posted November 13, 2014 (edited) Since people are using the native app it may be an opportunity for you to contact the creator of the app and come to a business arrangement, where he pays you X% of the profits. Be reasonable, he did create a native app for your website. If not, you have it taken down through the app store. Though the first option is better. Not really sure what you can do as a defense, assuming the user enters his credentials into the app, which then performs a sub-request on your website and stores the cookie locally and sends them with every request there after making anti-CSRF useless. In essence the app acts as a browser, so you need to figure out how to filter out the app using only the request headers, though I assume it will only be a matter of time before these are spoofed. Also keep in mind that any counter measures you may take may result in further visitor loss which is why I really advise you to take the first option. Edited November 13, 2014 by ignace Quote Link to comment https://forums.phpfreaks.com/topic/292434-website-stolen-by-iphone-app/#findComment-1496475 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.