1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to tell if Nulled?

Discussion in 'General XenForo Discussion and Feedback' started by Xyphien, May 18, 2016.

  1. Xyphien

    Xyphien Active Member

    So, someone is asking me to help them out by adding some themes, addons, etc. of their xenforo site that they just asked me a few hours ago if I would help them with installing mybb, and somehow instantly changed to needing help with installing stuff for Xf. How do you tell if someone is using a Nulled version of Xf? I don't want to help someone out if they're using something illegal as it could damage my reputation, and it seems really sketchy how they asked me if I knew how to use MyBB one second, and then the next is installing themes in Xf.

    If someone could let me know how people find out how to tell if something is nulled or not that'd be great.
  2. Brogan

    Brogan XenForo Moderator Staff Member

  3. Ernest L. Defoe

    Ernest L. Defoe Well-Known Member

    Have them give you their validation token and use the License Validation link in the footer to see if it's legit or not. If in doubt contact the staff using the Contact Us link and selecting the option for that.
  4. Jake Sully

    Jake Sully Active Member

    how are you supposto get validation token when you don't even have access to license??? doesen't make sense :/ i wanna be able to validate a site if it's legit or not without a special token that i cannot get.
  5. ozzy47

    ozzy47 Well-Known Member

    You have the owner of the site get the validation token for the site. ;)
  6. Jake Sully

    Jake Sully Active Member

    like if most owners would even do that.

    I would peferr better validation method like whmcs uses and cpanel uses there you only give the domain and it validates if it's legit or not.
  7. ozzy47

    ozzy47 Well-Known Member

    If the owner don't want to give you a validation token, that can only be used to validate his license, then it is up to you if you want to help them or not.
  8. Mr Lucky

    Mr Lucky Well-Known Member

    Of course they would. If you are going to work on their site or give them technical support it is very feasible and normal to need to check their licence and for them to give it to you.

    I have registered with support sites for addons, and asking for the token is quite standard.
    CarpCharacin, LPH and ozzy47 like this.
  9. Freelancer

    Freelancer Well-Known Member

    Wouldn't it be possible just to check URLs vs the XF database of customers on the validation site? When you acquire a license of XF you must fill in your board URL anyway. This would enable XF third party service providers to check discretely if one is a legal customer or not.
    Xyphien likes this.
  10. ManagerJosh

    ManagerJosh Well-Known Member

    That's what the validation tokens do. Many addon sites currently request your API token and - in real time - checks against XF if the license is valid or not.
  11. Freelancer

    Freelancer Well-Known Member

    Yes...... and if you would have followed the discussion you would have a clue why I was proposing an easier method. A validation token is nice and fancy but redundant when the URL is binding anyway.
  12. Steve F

    Steve F Well-Known Member

    Not really since you can put any URL in such as http://localhost and can be changed at anytime.

    As for @Jake Sully wanting an easier method, it sounds like he suspects a site is running a nulled license in which case it should be reported to XenForo directly using the Contact Us form.
    Brogan likes this.
  13. Brogan

    Brogan XenForo Moderator Staff Member

    More specifically, the 'Report Piracy' tab:

  14. Freelancer

    Freelancer Well-Known Member

    In regard what the topic starter asked for, this makes no sense as he can not provide services other than to the real actual site the software is running on. Seems like nobody is listening. If he can validate the right ownership by checking if the URL is registered at XF with the software, he doesn't need to ask the client to provide a validation token. If there is a mismatch he can reject providing services. Other than that he can always ask for the token, but Jake Sully asked for an easier method without asking for the token. That's all.
  15. Brogan

    Brogan XenForo Moderator Staff Member

    The API is the only method of checking.

    It's unlikely that any other method will be provided.
    ozzy47 likes this.
  16. ozzy47

    ozzy47 Well-Known Member

    Which IMO is more than fair, some other platforms offer no such feature at all.
  17. Brogan

    Brogan XenForo Moderator Staff Member

    It's worth pointing out that making the information on whether a specific URL is licensed or not, by allowing third parties to query directly, could potentially be a breach of data protection (I don't know the law surrounding it so I'm just surmising).

    What has been implemented puts the onus on the license holder to make the API key public/available to a third party, so there's no potential breach there.
    ozzy47 likes this.
  18. Steve F

    Steve F Well-Known Member

    I was thinking the same thing. Some users do not want that information exposed.

Share This Page