PrimeAuth Protection
PrimeAuth is an authentication system designed from the ground up to operate in a fast and efficient manner, intended to replace the existing solutions which are flawed and do not scale well.
Today, the most common password solution is to use an htpasswd file. These files are both slow to parse, and have a limit on the number of users. They are also very difficult to maintain, do not allow you to associate extra information with the user, and can be easily corrupted when making changes.
Storing your passwords in a MySQL database and using mod_auth_mysql is another common approach. This approach lets you easily maintain the data in the password database, and associate extra information with the account. However when used with mod_auth_mysql, an SQL query will need to be run for every request from your client's web browsers. This has the effect of slowing down the end user's experience, as well as using up connections and resources on your MySQL server. Further, when you are running maintenance on your database, it will prevent users from logging in. This solution does not scale well and your site will suffer as a result.
This is where PrimeAuth comes in to help. PrimeAuth will read the stored user/password data from the MySQL database, and compile it into a higher-performance application specific database, and handles all of the queries internally so they never hit your SQL server. This allows for large scalability and worry free authentication.
PrimeAuth can work with both Apache and PrimeHTTPD, and support for alternative web server software can be added as well should you need it.
Another great feature of PrimeAuth is called CookieAuth, designed for sites which have multiple subdomains domains that all need to be protected by the same authentication database(s). CookieAuth allows you to only prompt the user to login one time and then pass their authentication to any other subdomain off of that same domain. We also take it one step further, using specially crafted URL's you can pass authentication information amongst different domain names to avoid causing members to have to enter their login information over and over again between your associated domain names.
ISPrimeCop is a feature that can be enabled on PrimeAuth to protect your members area from password traders hassle-free. Using the same fast internal database to store your authentication information we can track how many usernames an ip has tried, or how many different netblocks have tried to use the same username in a timed interval. When a match is found we can disable the account and redirect the user to a block page. Changing their password will trigger the account to automatically be unblocked.
A proxylist is maintained to ensure that high traffic proxies such as those used by AOL, do not get blocked or trigger a username to get blocked.
Gigabyte usage limitations can also be turned on and can be used to limit the amount of data your members can download in one day. Once a user reaches the set limit, they will be cut off and redirected to a friendly URL advising them that they are over their limit for the day and to try back later.
PrimeAuth and ISPrimeCop are free to use on any ISPrime Hosted server.
