Richard Koopmann, found a backdoor into the member-only posts on TBR:

Back to the point, in my bit.ly network is an account held by Ben Brooks that tweets out a link whenever a new post hits his website. And as I found out, converting a bit.ly user page into an RSS feed is as simple as appending .rss to the end of the URL.

Koopmann was kind enough to contact me before posting this so that I could fix the hole, but it’s certainly one I had never even thought about. Since launching the paywall I have had quite a few people email me about backdoors they found into the content — none sounded malicious, most found their way in accidentally.

When designing the paywall I knew one thing: there will always be ways around the paywall, always. I can’t stop it, so I just accept it as fact.


Posted by Ben Brooks