vBSecurity: What is it?
vBSecurity keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity.

Uses

vBSecurity is the ideal product for forums that are concerned about security, or wish to be alerted when something suspicious happens.
It keeps a watchful eye on your configuration file, ensuring that it does not get modified by mods or plugins.
Another important feature is the ability to add a secondary login, unique to each administrator, that is required before accessing the AdminCP. Ideal for forums where multiple administrators may share login information, or where administrators may log in from public computers.
Add in quick settings for the most vital vBulletin Options and Usergroup password settings, vBSecurity can easily be called one of the most comprehensive security suites for your vBulletin forum.

-------------------------------------------------------------------------------------------

If you like this mod please hit the https://vborg.vbsupport.ru/external/2015/08/1.png button to the right ---->

Please remember to click the, https://vborg.vbsupport.ru/external/2015/08/2.png button to the right if you installed the mod ---->

What does 'Marking As Installed' do ?

* It helps you to stay on top of updates - members who have installed modifications will be notified by us whenever new updates are available.

* For security issues - vbulletin.org will contact all members who have installed a modification whenever a security issue is brought to their attention.

* Marking a modification as installed also helps us know how many people are using our work, giving us extra incentive to provide more features and new modifications.

We appreciate the support!
-------------------------------------------------------------------------------------------

Priority support & Product Demos available at: http://www.dragonbyte-tech.com

-------------------------------------------------------------------------------------------

Translations available @ our forum (http://%22http://www.dragonbyte-tech.com/forums/91-Translations)
Support for translations handled by the translator in its respective threads only.

-------------------------------------------------------------------------------------------

Major Features
Administrator Security: .htaccess-like logins for your administrators means that even if they use the same password on multiple sites, malicious users still need a fresh, unique password to log in.

Security Watchers: Keep an eye on the most important aspects of vBulletin: config.php tampering, AdminCP / User Account access attempts, vBulletin Options, User Data, Usergroup Settings and Usergroup Permissions.
Detailed changelogs available for each watcher dealing with changes.
IP Ban, User Ban, Email alerts and temporary forum closure options available for each watcher individually.

Lite
* Searchable list of all AdminCP access attempts
* Searchable list of all failed login attempts
* Searchable list of administrator changes for areas governed by the Security Watchers
* vBOption: IP Address whitelist for AdminCP access
* vBOption: Separate "Closed Reason" for closures that happened due to potential security breaches
* Quick setting page for the most important vBulletin Options security settings
* Quick setting page for the most important Usergroup security settings
* Security Watchers: General - config.php Variable Tampering, AdminCP Access Attempts
* Security Watchers: Logins - Failed Logons, Failed Mass Logons
* Security Watchers: vBOptions - vBulletin Active, Reason For Turning vBulletin Off, Banned Email Addresses, Banned IP Addresses, Use Login "Strikes" System, Whitelisted IP Addresses, Whitelisted IP Addresses - Exclude Super Administrators
* Security Watchers: User Data - User Name, Password, Email, Primary Usergroup, Additional Usergroups, Reputation Level, Warnings, Infractions, Infraction Points, Receive Admin Emails
* Security Watcher Actions: 2 thresholds with individual configuration options, IP Ban / User Ban / Email Webmaster / Close Forum options available for each Watcher option listed above. Some watcher options may not have all actions.

Pro
* Optional .htaccess-like login on a per-administrator basis
* Settings Snapshots - take a "snapshot" of how the vBulletin Options look at the time, instant restore by clicking Load on a previous snapshot
* Security Watchers: Usergroup - Password Expiry, Password History, every usergroup permission group, every "value" permission
* IP Guard: Administrator IP Address authorisation scheme (similar to Steam Guard) - Require email verification for new IP addresses to access the AdminCP, per-administrator disable

-------------------------------------------------------------------------------------------
This mod displays a copyright notification in the footer of all pages which includes:
1 Link to DragonByte Technologies homepage
1 Link to Product Description page of this modification

Looks like another great modificaton you guys.
Congrats and thanks for the share!

J.

Installed this as per the instructions given and it immediately killed my site.

When going into the settings in admincp, I got alot of depreciated errors showing at the top.

Main problem was the site would not load. All that would show was this error message:

Fatal error: Class 'VBSECURITY' not found in /var/www/vhosts/watchgeeks.net/httpdocs/dbtech/vbsecurity/hooks/global_complete.php on line 65

I turned the mod off and still could not load the site. The site would not load until fully uninstalling the mod.

I like what this mod is supposed to do...but it sure isn't working for me.

Nothing?

Same as above, just get the same error when installed.

Have had to uninstall.

Same as above, but i have just a white page !! No forum,No thing !

any forum works fine with mod installed??

thanks a lot
will try it

never like this mods (security or firewall)
i think anyone installed this mod stop working site.

i think only solution you have guys go to official site of DragonByte and wait to support or fresh install site software without this mods.

I'm very sorry for not replying, I forgot to subscribe to this thread so I was not alerted of new replies :(


vBSecurity v1.0.3:
Feature: Failed AdminCP Logins will now display the username the person tried and failed to login with
Fix: (vB3) Should now work correctly


Fillip

vBSecurity v1.0.4:
Feature: Added a block of text to Security Recommendations that discusses server security for WHM-based servers

Fillip

nice news
thanks DragonByte

I get this error on top:

Warning: array_diff() [function.array-diff]: Argument #2 is not an array in [path]/dbtech/vbsecurity/hooks/global_complete.php on line 9

Warning: array_diff() [function.array-diff]: Argument #1 is not an array in [path]/dbtech/vbsecurity/hooks/global_complete.php on line 10

Warning: array_diff() [function.array-diff]: Argument #2 is not an array in [path]/dbtech/vbsecurity/hooks/global_complete.php on line 9

Warning: array_diff() [function.array-diff]: Argument #1 is not an array in [path]/dbtech/vbsecurity/hooks/global_complete.php on line 10

Warning: array_diff() [function.array-diff]: Argument #2 is not an array in [path]/dbtech/vbsecurity/hooks/global_complete.php on line 9

Warning: array_diff() [function.array-diff]: Argument #1 is not an array in [path]/dbtech/vbsecurity/hooks/global_complete.php on line 10

Please try disabling all other addons as you may have a conflict.

Fillip

Any One Help Me Look This Error In Admincp
Fatal error: Class 'VBSECURITY' not found in /home/yahoorul/public_html/dbtech/vbsecurity/actions/admin/changelog.php on line 19

Are you running the i.s.s.w security product? If so, disabling it or changing its admin_global plugin execution order to 65535 may fix it.

If you are not running that product, please try disabling all other mods that run on the admin_global plugin location, then check if it's working. If it is, re-enable them one by one until you find the culprit. Once you've found the culprit, set its plugin execution order to 65535 and it should work :)


Fillip

Brother i have 1 Problem When I Set My And My Friend IP Address In White List Then After 1 Day My Friend IP Not Working And Show "This IP Not In White List" Then I Check His IP In My Forum His IP Change Then I add New IP This Is Daily Problem Help Me Please
Thanks In Advanced

That's working as intended :)


Fillip

vBSecurity v1.0.5:
Feature: The Affiliate ID setting now properly integrates with the link-back
Feature: Added Login Strikes Viewer that lets admins browse all failed logins
Fix: Bugs with the Admin Strikes Viewer that prevented natural browsing from working properly in some scenarios

Fillip

Affiliate ID link hotfix

Fillip

vBSecurity v1.0.6
Feature: Improved logging details for Control Panel actions
Change: Changed the Branding display method to inject itself into the copyright footer (underneath vBulletin copyright) instead of the page footer.
Change: Changed the Branding Free Key to a more secure key.

Fillip

Update

Hotfix: PHP 5.4 Compatibility fixes


This does not guarantee the mod is error free on PHP 5.4, but it will take care of the reported errors. Thank you all for your reports :)



Fillip

https://vborg.vbsupport.ru/external/2014/06/19.jpg

tell me this how to solve this pleas........ how to uninstall it forum cpanel..

Please also check your spam folder, it's possible the emails were added there.

Fillip

vBSecurity v1.1.2

ACP Access Log / Verifier

Triggers an email alert if the IP addresses no longer match
Sends email to the Webmaster Email listed in the vBulletin Options



Fillip

I just installed this and it went in like a charm. :cool: I was very careful to read everything and pay particular attention to all the options and warnings. Thanxx for such a fine Modification! I plan on using it for awhile to learn more of what-all it's capable of, then perhaps moving on up to the PRO version.

One question, the mod states:

Lite
* Security Watcher Actions: 2 thresholds with individual configuration options, IP Ban / User Ban / Email Webmaster / Close Forum options available for each Watcher option listed above. Some watcher options may not have all actions.

What does some watcher options may not have all actions mean?

The only issue I've found is when the Ban IP Address box is checked, it doesn't seem to perform the function. I am assuming the newly banned IP Addresses should appear in the standard Banned IP Addresses box of the vBulletin Options, or are they entered somewhere else?(...that I can't seem to locate :confused:)

One question, the mod status:
Lite
* Security, Watcher Actions: 2 thresholds with individual configuration options, IP Ban / User Ban / Email Webmaster / Close Forum options available for each Watcher option listed above. Some watcher options may not have all actions. What do some watcher options may not have all actions mean?

The only issue I've found is when the Ban IP Address box is checked, it doesn't seem to perform the function. I am assuming the newly banned IP Addresses should appear in the standard Banned IP Address box of the vBulletin Options, or are they entered somewhere else? (... That I can't seem to locate) :confused:
I have the vb4 version and it does not add you need to do it manually

Does the PRO Version add Banned IP Addresses automatically, or is it manual as well?

Both versions add it manually. The only way it does not, is if either you didn't configure a number of intrusions needed for a ban to trigger, or the IP address is already in the banned IPs list.

Fillip

So what does checking the Ban IP Address box actually do then? The mod emailed me just fine, indicating that "The actions you have configured in the Security Center have been taken." but according to your reply above the mod will not perform the action of (automatically) adding a new IP Address to the Banned IP Address box in vB.(i.e. What difference does it make, whether the Ban IP Address box is checked or not?)

While my question still remains (above), educate me as to why it would not be a good idea to automatically Ban an IP Address that is attempting to login using -1' -and/or- user name as the actual username? These examples just seem like nefarious attempts to gain illegitimate access to a board by general (up to) no-good-doers.

vBSecurity v1.1.3

Changes to Existing Features:

Mass Password Reset

Now uses a more secure method of generating temporary passwords
Enables greater security for users, avoiding brute force attacks on their passwords before the passwords can be changed



Fillip

vBSecurity v1.1.4

New Features:

Scheduled Password Reset

Enforces a password reset for a user upon next login, via the User Manager in the ACP
Mimicks the "Password Expiry" feature in vBulletin
Great for forcing users to provide a more secure password


(Pro) Mass Scheduled Password Reset

Enforces a password reset for every account upon next login
Mimicks the "Password Expiry" feature in vBulletin
Great for forcing users to provide a more secure password



Fillip

vBSecurity v1.1.4 Patch Level 1

Bug Fixes:

Fixed an issue where the mod wasn't initialised in the ModCP



Fillip

vBSecurity v1.1.4 Patch Level 2

Bug Fixes:

Fixed an issue where the "IP Awaiting Authorisation" message would not display correctly in the DBSEO CP.



Fillip

vBSecurity v1.1.4 Patch Level 3

Bug Fixes:

The "Unrecognised AdminCP Login From <new IP address>" email would be sent without a subject and body



Fillip

vBSecurity v1.1.5

New Features:

AdminCP Login Viewer

Paginated list of all AdminCP logins
Filter by User Name
Filter by start/end date
Filter by IP Address
Change sort column


AdminCP Login Prune

Only accessible to users with the required config.php permission
Optional age limit



Fillip

vBSecurity v1.1.6

New Features:

Admin Strikes Viewer: Prune

Only accessible to users with the required config.php permission
Optional age limit


Changes To Existing Features:

General / Other

Streamlined the phrasing for the ACP Logins and Admin Strikes interfaces



Fillip

vBSecurity v1.1.7

New Features:

Change Log Viewer: Prune

Only accessible to users with the required config.php permission
Optional age limit



Fillip

vBSecurity v1.1.7 Patch Level 1

Bug Fixes:

Turning off the modification via the vBulletin Options will now work as intended



Fillip

Several good improvements this year. Unfortunately vBSecurity hasn't reduced the number of mass logons hammering my site. And banning the spoofed IP addresses just causes problems for legitimate users.

Unfortunately, in order to reduce those, you would need alternative solutions. This isn't designed to be a preventative measure, but rather a reactive measure. In other words, "oh hey I see X is going on, I should verify and react to it" rather than something akin to what a firewall would be (e.g. blocking malicious traffic without user interaction).

Fillip

vBSecurity v1.1.8

New Features:

Login Strikes Viewer

Login Strikes log entries can now be pruned
Requires the "Can Prune Log Entries" config.php permission



Fillip

vBSecurity v1.1.8 Patch Level 2

Bug Fixes:

Turning the modification off via the "Enable Modification" vBOption meant you could no longer access the majority of vBSecurity admin controls
Fixed an issue with the "login strikes" page that could produce a fatal error in certain scenarios



Fillip

vBSecurity v1.2.1

New Features:

IP Verification: Front-End

Users can control whether to require email confirmation of new IP addresses for front-end pages
Toggleable via the UserCP
Works in a similar fashion to the AdminCP and ModCP versions


IP Access Log

Tracks all IP addresses used to access a user account
Overrides the "Search IP Addresses" functionality in vBulletin to provide advanced functionality
Works with all existing links to the "Search IP Addresses" functionality


IP Access Log: Search New IPs

Searches for any new IP addresses being used to access accounts
Displays a familiar looking list of IP addresses
Selectable "start date" to check for new IPs


IP Access Log: Multiple Account Access IPs

Searches for any IP addresses being used to access multiple accounts
Displays a familiar looking list of IP addresses


Changes To Existing Features:

Altered vBulletin & vBSecurity tables to be IPv6 compatible



Fillip

vBSecurity v2.0.0

New Features:

(Pro) New Security Watcher: "Failed Logins: Non-Existent Usernames"

Checks for logins against a single username that doesn't exist
Lets you take separate action towards bots trying to login with stolen user credentials that don't exist on your site
Integrates into the existing "Logins" watcher group


(Pro) New Security Watcher: "Failed Mass Logins: Non-Existent Usernames"

Checks for logins against multiple usernames that don't exist
Lets you take separate action towards bots trying to login with stolen user credentials that don't exist on your site
Integrates into the existing "Logins" watcher group


(Pro) Compromised Accounts Detection

Alerts the webmaster if someone has failed multiple logins and then successfully logs in to an account
Lets you search the logs for the IP address in question to determine whether this is legitimate


(Pro) IP Ban Log Viewer

Browsable and searchable log of all banned IP addresses (from the point of installing v2)
Lets you ensure no legitimate members are banned


Multiple Watcher Actions

Define more than 2 actions per watcher
Prioritised in the order they are defined
Gives you even more fine-tuned control over the actions taken against potential intruders


Log Pruning

Old entries from the adminstrikes, loginstrikes and ipverify tables can be automatically pruned
Settable in the vBulletin Options
Defaults to pruning data older than 30 days



Changes To Existing Features:

Security Watcher Log

Rewritten to improve performance
Uses a dedicated log table instead of using the datastore



Fillip

vBSecurity v2.1.0

New Features:

IP Verification

IP addresses that have been verified by users or administrators will no longer be subject to IP bans
Helps prevent false positives


Admin IP Verification: Re-Send Emails

Administrators can request to re-send the email to verify their IP address
Useful if the email takes a long time to arrive for whatever reason


User IP Verification: Re-Send Emails

Users can request to re-send the email to verify their IP address
Useful if the email takes a long time to arrive for whatever reason


Security Watcher Display

The time period for the Security Watcher display can be configured
Default: 7 days
Controlled via vBulletin Options


(Pro) User IP Verification: Admin Control

Super Administrators can disable a member?s IP verification setting via the AdminCP user management screen
Accessed via the User Manager


(Pro) IP Address Search: Country Display

The IP Address Search screen includes the IP address' country, if your system supports this
Requires GeoIP2 downloaded database on your server
Controlled via vBulletin Options


(Pro) IP Host Lookup: Country Display

The IP Host Lookup screen includes the IP address' country, if your system supports this
Requires GeoIP2 downloaded database on your server
Controlled via vBulletin Options


(Pro) IP Address Search: IP Usage

The IP Address Search displays the first and last logged date for a particular IP in the "Logged IP Addresses" list
Only displays IP addresses since v2.0.0 was installed.


(Pro) Compromised Accounts Log

Displays a list of accounts flagged as potentially compromised
Quick links to users' logged IP addresses as well as displaying current IP address
Fully searchable
Can only be viewed by administrators with the "Can View Admin Logs" config.php permission
Can be pruned by administrators with the "Can Prune Admin Logs" config.php permission


(Pro) Watcher log

Displays the complete list of all Watcher log entries
Can be filtered by individual watchers
Fully searchable
Can only be viewed by administrators with the "Can View Admin Logs" config.php permission
Can be pruned by administrators with the "Can Prune Admin Logs" config.php permission


(Pro) User IP Verification log

Displays the complete list of all user IP Verification entries
Displays whether the IP has been verified or not
Fully searchable
Can only be viewed by administrators with the "Can View Admin Logs" config.php permission
Can be pruned by administrators with the "Can Prune Admin Logs" config.php permission


(Pro) Admin IP Verification log

Displays the complete list of all admin IP Verification entries
Displays whether the IP has been verified or not
Fully searchable
Can only be viewed by administrators with the "Can View Admin Logs" config.php permission
Can be pruned by administrators with the "Can Prune Admin Logs" config.php permission



Changes To Existing Features:

Consolidated the code that applies watcher actions to enable easy extension in the future
Config Tampering alerts can now be reset
Reworded one of the new Log Prune options to clarify what exactly it?s pruning
All log pages now require the config.php "Can View Admin Logs" setting for additional security
"AdminCP Logins Viewer" now uses username search instead of a drop-down for improved performance
"Admin Strikes Viewer" should now perform better as a result of removal of an unreliable feature
"Login Strikes Viewer" now uses username search instead of a drop-down for improved performance
"IP Ban Log Viewer" now allows you to filter by action when pruning the log



Bug Fixes:

An issue where limiting the IP Ban Log by action would not work as intended has been corrected
"Failed Admin Logins" have been moved to the "Logins" watcher group, as was intended
Fixed an issue where the Config Tamper watcher log could not be reset



Fillip

vBSecurity v2.1.0 Patch Level 3

Bug Fixes:

Fixed an issue where administrators without "Can Administer vBSecurity" could no longer search for IP Addresses (regression)
Fixed an issue with the Search IP Addresses page on vB3



Fillip

vBSecurity v2.1.0 Patch Level 4

Bug Fixes:

IP Verification should no longer run if the current page is the [DBTech] Two-Factor Authentication page



Fillip

vBSecurity v2.2.0

New Features:

Global IP Address Whitelist

IPs can be protected from triggering any actions (such as forum closure or bans)
Powerful wildcard options similar to vBulletin's IP banning
Controlled via vBulletin Options



Fillip

Changed Features:

A fresh copy of the jQuery library is now only downloaded if one has not been downloaded previously. Requires updating of all other affected DBTech mods to take full effect.



Fillip

vBSecurity v2.2.2

New Features:

"Failed Logons" Watcher

Option to send an alert to the user whose account has been triggered


Changed Features:

"Failed Mass Logons" now only triggers if the user tries unique usernames


Bug Fixes:

The "Failed Mass Non-Existent Logons" rule sets would not trigger correctly, instead the "Failed Mass Logons" ruleset was used



Fillip

vBSecurity v2.2.3

New Features:

CLI Maintenance Script

Ability to execute either of the two maintenance actions via the command line


Search IP Addresses: Find Potential Intruder IP Addresses

Displays a list of IP addresses who have failed to login to valid member accounts more than once
Also displays any successful logins from these IP addresses


Bug Fixes:

A few phrases were accidentally created with the wrong phrase key, leading to blank emails being sent in some scenarios
The "Password Rules" checkboxes would not update if the user pasted their password via the right click menu



vBSecurity v2.2.4

Changed Features:

Password Reset

The created password is now based on the user?s password rule requirements
The Mass Password Reset action now creates a random password based on the user?s password rule requirements




Fillip

nice work

at dimofinf script have warring in admincp to folder not have firewall

add it its good
and else firewall to include and modcp

its good idea for you to add it in product ;)

nice work

at dimofinf script have warring in admincp to folder not have firewall

add it its good
and else firewall to include and modcp

its good idea for you to add it in product ;)Sorry, I'm not sure what you're suggesting, could you clarify please?


Fillip

Hi. Installed and am getting the following error when I try to access options in the left menu:
Parse error: syntax error, unexpected '[' in /usr/local/apache2/htdocs/bulletinboard/dbtech/vbsecurity/includes/adminfunctions.php on line 121

Hi. Installed and am getting the following error when I try to access options in the left menu:
Parse error: syntax error, unexpected '[' in /usr/local/apache2/htdocs/bulletinboard/dbtech/vbsecurity/includes/adminfunctions.php on line 121It sounds like you are running a very old version of PHP. Could you please make sure you are running the latest version of vB3, and that you are running PHP 5.6?


Fillip

Thanks. That's it, I'm running 5.1...

Thanks. That's it, I'm running 5.1...PHP 5.1 has not received security updates for quite literally 10 years. Your server is at severe risk just now.


Fillip

I'm already working on the update, thanks. I can handle that myself but if I have to also update MySql in the process that will be server side and there will be fees involved. Thanks!

vBSecurity v3.3.0:
Feature: New option: Enable Account Breach Check
Feature: New option: Account Breach Check: Check Username

This mod has been updated to be brought in line with the XenForo version.

Fillip

Hi,
Tried to install, had previous version before but had removed.
On Import received an error regarding global_complete.php
Need to edit path for config.php as i had changed this.
In AdminCP any options for this mod shows this sql error:
Invalid SQL:

SELECT administrator.*,
userfield.*, usertextfield.*, user.*, UNIX_TIMESTAMP(passworddate) AS passworddate, user.languageid AS saved_languageid,
IF(user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid,
language.phrasegroup_global AS phrasegroup_global,
language.phrasegroup_dbtech_vbsecurity AS phrasegroup_dbtech_vbsecurity,
language.phrasegroup_cphome AS phrasegroup_cphome,
language.phrasegroup_logging AS phrasegroup_logging,
language.phrasegroup_threadmanage AS phrasegroup_threadmanage,
language.phrasegroup_maintenance AS phrasegroup_maintenance,
language.phrasegroup_banning AS phrasegroup_banning,
language.phrasegroup_cpuser AS phrasegroup_cpuser,
language.phrasegroup_cpoption AS phrasegroup_cpoption,
language.phrasegroup_cppermission AS phrasegroup_cppermission,
language.phrasegroup_diagnostic AS phrasegroup_diagnostic,
language.phrasegroup_cpglobal AS phrasegroup_cpglobal,
language.options AS lang_options,
language.languagecode AS lang_code,
language.charset AS lang_charset,
language.locale AS lang_locale,
language.imagesoverride AS lang_imagesoverride,
language.dateoverride AS lang_dateoverride,
language.timeoverride AS lang_timeoverride,
language.registereddateoverride AS lang_registereddateoverride,
language.calformat1override AS lang_calformat1override,
language.calformat2override AS lang_calformat2override,
language.logdateoverride AS lang_logdateoverride,
language.decimalsep AS lang_decimalsep,
language.thousandsep AS lang_thousandsep

FROM user AS user
LEFT JOIN userfield AS userfield ON (user.userid = userfield.userid)
LEFT JOIN usertextfield AS usertextfield ON (usertextfield.userid = user.userid) LEFT JOIN administrator AS administrator ON (administrator.userid = user.userid) LEFT JOIN language AS language ON (language.languageid = IF(user.languageid = 0, 2, user.languageid))

WHERE user.userid = 1;

MySQL Error : Unknown column 'language.phrasegroup_dbtech_vbsecurity' in 'field list'
Any help? Cheers

I am confused by the purpose of the IP Address Verifier - can someone explain it to me? I tried it out with my VPN, and the 'Stored IP Address' changes to whatever IP I am currently browsing from, so how is this supposed to work?

The download package has been updated to address a minor security vulnerability that could allow an attacker to inject code for their own user only (not other users) when viewing their currently active login sessions.

This vulnerability cannot be used to exploit your forum, this is not a critical vulnerability.

Fillip