Quote Originally Posted by Lee View Post
I was wondering if anyone had a good .htaccess strategy for redirecting this traffic the second it hits the server so that the users trying to use shared passwords, dont even hit the site itself?

Just thinking out load about ways we could add another layer of protection to our sites when it comes to password traders in addition to StrongBox.

So anyone have a solid htaccess strategy for redirecting traffic based on the anonym.to domain redirect service?
Note that anything you do server wide is going to have to be checked for every hit -
each time a customer loads a thumbnail they will be checked to see if they came through
anonym.to. Doing all that checking could easily add a lot more load than you save by
redirecting these people. It could probably be set up to check that as one of the first
checks when thery try to log in via Strongbox, so you're checking it just once, at the
point of log in, rather than checking for each and every hit. If this sounds like a route you
may want to try, please send me the appropriate log entries or whatever you have so I
can see exactly what you're talking about. Thanks.