Hack My Site

@WhiteShadow410 dude ur site is not attractive at all… not cool but still its something.

I’m focusing on the security first, the security is done. It will be attractive later.

You should of made a session or cookie that makes sure that the user does not get into the file, cause I got in.

What file are you talking about?

You might want a Captcha or something like that to avoid spam on your contact form..
And without knowing where the admin section is and without knowing the password it will take some time to log in using some kind of attack. But you could also add something that deactivates the log in function for a few minutes (just for the IP of the one who tried) when he tried it like 3 times and failed..

Could I do that just using PHP? And how could I make a cookie or something that only allows people who logged in correctly to /admin to see /logs?

You can just use Google to find some Captcha-Tutorials you will find a lot of stuff I think.
And if you want to do it with session it’s kind of easy, you can check whether they are set or not and if not you just redirect them to the previous page. All with PHP..

Awesome, thanks! This helps a lot. I’m sorry for the n00bish questions, but you know, I’m trying my best to learn good. I’ll apply all the things people suggested and put it on it’s very own webhost and then post it one last time for you guys can hack. I really appreciate the help.

What I mean White was the /log/ file.

Ok, the security is done. It is not the prettiest thing ever yet but it will be once I start talking to the owner about what he wants on it. Meanwhile, do whatever you want on /bob. You guys have until Sunday at 6pm, after that I start banning IPs. Have fun! :)

last time you posted about your website i got past your admin login. But i can not remember how have you changed the source codes since your last post.