Page 1 of 1

GUI is security risk ?

Posted: Sat May 24, 2014 9:06 pm
by NoLimitCrypto
I was told this

"oh you talking about your API being accessable and/or not escaping before calling it? no that's your bad

but yeah, turn off access to your API duh

onemanorgy: how do i do that ?

if you try to hit the mavens API on seals (http://sealswithclubs.eu:8087/API) it doesn't work (oddly you get a non-mavens response but whatever)

on yours someone could brute force your admin password"

Ok so the gui when i turn this off, it will effect the code I had written for autotmatic bitcoin deposits ?

And where are these white file and gui located?

Re: GUI is security risk ?

Posted: Sat May 24, 2014 9:07 pm
by NoLimitCrypto
whitelist localhost < thats where he said i could stop it

where would those be.

Re: GUI is security risk ?

Posted: Sat May 24, 2014 10:28 pm
by Kent Briggs
NoLimitCrypto wrote:whitelist localhost < thats where he said i could stop it

where would those be.
API Whitelist in Server Settings. You can also change the API path. And set your API password to something long so it can't be brute forced.