I have app that logs in every couple hours on different servers and does some request on behalf of a business Instagram account via private instagram api. It's working well, but sometimes it gives me checkout point error and I have to manually open Instagram insert a code received via email or SMS. Cann't use such a service in production since this scenario could occur any time! Some long time ago it was just fine... Is there a way to bypass this checkout?
I guess they does this lock due to IP changes. Any ideas are appreciated.
These are Instagram's security measures and only way to make sure these won't pop up is to use same useragent, device ids and IP. But you could use SMSPVA API which will help you automatically verify the accounts
Related
I am creating a php application with the Coinbase API and the blockchain.info API. My (000webhost.com) webhost's communications with coinbase.com and blockchain.info API servers are getting a HTTP 403 CloudFlare Captcha. This completely cripples the API. I tried connecting with HTTPS, and tried changing the user agent, tried curl(), tried file_get_contents(), but I can't seem to get a real response from the API servers.
This is the error I get:
http://s10.postimg.org/ff8ggm6yx/Cloud_Flare_error2.jpg
Thanks for any help, I've been trying to figure this out for days.
The captcha is a security challenge page presented based on the security settings selected by Coinbase. Either the IP you're using or the user agent you're sending triggered the security challenge page here. If you complete the captcha (in a browser) a cookie would be temporarily set indicating you've passed this security challenge page successfully. Your best bet would be to contact Coinbase's support folks if you are still seeing this issue, and request that they consider whitelisting your IP address so that in the future you wouldn't receive a security challenge page like the one you indicated.
Disclaimer: I work at CloudFlare.
Until recently we have been using the old gapi php class to extract Google Analytics data from a variety of sites that we manage.
In a nutshell at night the sites download the Analytics data and stores it locally. Until recently it worked beautifully but all of a sudden we started receiving all sorts of weird errors like CaptchaRequired.
Anyway I've done some reading and got the impression that it was time we move to the new Google APIs platform and while I have tried to follow the HelloAnalyticsAPI tutorial we initially got a 403 error but now after leaving it for a while when I try and run the app I get redirected to Google to login.
I just don't seem to be able to get my head around it. We need to completely automate this process so redirecting to login on the Google site isn't going to cut it.
Can anyone help? Anyone seen these issues?
Use google api client for php, it's easy
http://code.google.com/p/google-api-php-client/
And dev guide for analytics (V3):
https://developers.google.com/analytics/devguides/config/mgmt/v3/
Google sends Captcha responses if they are unsure about the authenticity of the request. This can be caused by multiple requests from the same IP for various different accounts, use of the ClientLogin authentication mechanism, and even weak passwords on the account you are logging in to.
To prevent them, I would recommend using OAuth 2.0 for the authentication - there are other security benefits to using this too.
I am using Adwords API from last 3 months and all of a sudden today it is coming up with error message as follows:
Uncaught exception 'AuthTokenException' with message 'Failed to get authToken. Reason: BadAuthentication'
I am using google adwords V201101 php library with auth.ini containing all user details and settings.ini with https://adwords.google.com not sandbox environment. Can anyone help me with this please???
Thanks,
Murali.
you may requesting authToken from ClientLogin service too many times, that is way you get 'CaptchaRequired'.
Request authToken just for the first time, and then cache it for subsequent requests.
Check this out http://goo.gl/TOX6N
I recently had this problem trying to connect to Google DFP. I copied perfectly working code from my localhost after development and ran it on my remote cloud server. I then received the
Failed to get authToken
message. The reason was that google was blocking the attempted login as a security measure because it was a new location. I had to log into the google account (from the web) with those credentials in order to see the message and confirm the added login location. Everything worked fine after that authorization.
I've stumbled across this question and thought that this info may help someone else.
BadAuthentication means your username/password is incorrect. May be someone changed the account password, may be auth.ini got modified by mistake.
See detailed error codes here: http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html#Errors
Cheers,
Anash
I started getting this error after somebody in my organization updated the password for the account my app was using to log in. The best way to avoid this happening again is to use OAuth2.
It's as easy as going to the Google API console and creating a Client ID for Installed Applications (under API access) for your project. You then use the Client ID and Client Secret in your Adwords API auth.ini file.
Next you run the examples/AdWords/Auth/GetRefreshToken.php script which will have you grant your app access to your Adwords account. You'll end up with a Refresh Token which you need to add to your auth.ini.
The ClientLogin (username and password) method of authentication is being deprecated in favour of the above so best to migrate ASAP.
I am working on an android app that basically brings functionality of a website to android. What I would like to do is to allow a user to sign up to the website from the android app. I think I should a use a service but I would like to take precautions to prevent the service from being abused, i.e. someone flooding with many fake accounts. Does anyone have any suggestions? What should I do on the app or on the service to prevent this? I though about using a captcha generated on the server but I would like to avoid that.
Edit--
I need to be able to create new user from the app, so I'm worried someone will figure out how I connect to the server and they will just start creating many new users. I am thinking on doing this with a post request but i am not sure if I should
Edit--
It just came to my mind that I should limit the requests coming from an IP address. Do cellphones share IP addresses or are they all unique?
You can use a WebView inside your mobile application, through this you don't need to get worried about authentication as you are already doing it in your web application.
A site I manage uses the my_twitter.php class simply to receive tweets from one certain account. As of a few hours ago this has stopped working, it displays a wrong username / password message while the credentials are correct.
On various websites I am reading about API problems but I'm not sure if the my_twitter class needs to be replaced with another one that uses OAuth, or will the problems be resolved and my_twitter start working again? That class is still listed as an official library by Twitter.
EDIT: turns out I do not need OAuth to just receive the latest tweet. http://dev.twitter.com/doc/get/users/show This link explains things well
This is from an email I received from Twitter this morning, titled 'Update: Twitter Apps and You':
Update 1: New authorization rules for
applications
Starting August 31, all applications
will be required to use “OAuth” to
access your Twitter account.
What's OAuth?
OAuth is a technology that enables
applications to access Twitter on your
behalf with your approval without
asking you directly for your password.
Desktop and mobile applications may
still ask for your password once, but
after that request, they are required
to use OAuth in order to access your
timeline or allow you to tweet.What
does this mean for me?
Applications are no longer allowed to
store your password.If you change
your password, the applications will
continue to work.Some applications
you have been using may require you to
reauthorize them or may stop
functioning at the time of this
change.All applications you have
authorized will be listed at
http://twitter.com/settings/connections.
You can revoke access to any
application at any time from the list.application at any time from the list.
So it does look like you need to find another library, that uses OAuth.
Quote from twitter received email:
Some applications you have been using
may require you to reauthorize them or
may stop functioning at the time of
this change.