vb.org Archive - Add-On Releases - DnP Firewall : SEO Friendly Double-Protection Layers against Flood / DoS / Spam Bots

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 3.8 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=235)

- - Add-On Releases - DnP Firewall : SEO Friendly Double-Protection Layers against Flood / DoS / Spam Bots (https://vborg.vbsupport.ru/showthread.php?t=221739)

Thank you for this awesome mod, hopefully it does the job
it is suppose to do. Keep up the great work silveryhat!!

Regards,
Kev

Quote:

Originally Posted by need2fart (Post 1894568)

I am unsure about installing this mod. Recently I've been receiving DDoS attacks, about 300 zombies were flooding my forum with a UDP flood... Will this help me lol? I get flooded by medium attacks like 300-500 zombies. =\

Will this have any effect or save my forum? I hate having my host banning all the IP's and I soon find out half my members were infected with botnets. This has all been fixed but, still I'm bracing for another DDoS attack soon.

On a scale of about 1-10

If I got DDoSed by about 100 zombies, would my forum still load with this hack?
Normally if I get attacked by 100 zombies I do lose connection to the server -

Thanks man I've been looking for a good firewall for preventing DDoS. I'm sad hostgator doesn't offer ddos hardware protection.

On the situation of 100+ bots , the firewall could reduce the attack 20-80% theoretically, depend on what technique it uses and what type of flooding it is, xFlash or IMCP flooding etc...

As the matter of fact, you should also deny these ips or the the ones cause the most requests during the flood occurrence , then remove the list after it has gone.

Quote:

Originally Posted by jchamber2010 (Post 1894939)

How hard it to change your Useragent? I know that in firefox it is really quite easy to do using About:Config, same with seamonkey. This wouldn't offer protection at all if the DDoSer knew about it.

It still has two layer of protections even if user-agent is fake. You can give it a try :)

Quote:

Originally Posted by big219 (Post 1895082)

Thank you for this awesome mod, hopefully it does the job
it is suppose to do. Keep up the great work silveryhat!!

Regards,
Kev

I'm developing a newer version based on a new bounce back technique, still waiting for feedback from my professors though. ;)

My apologies if this is already answered but i'm short for time at the minute:

Does it log IP addresses of potential DDoS attempts?

Quote:

Originally Posted by silveryhat (Post 1895749)

...t still has two layer of protections even if user-agent is fake. You can give it a try :)...

I can make your website think my browser is the Google Bot, so it's either going to let me in, and believe that I'm the googlebot OR it's going to be blocking the real googlebot

Parse error: syntax error, unexpected ':', expecting ')' in /home/xxx/public_html/vb/dnp_fw_config.php on line 29

??

Quote:

Originally Posted by James Birkett (Post 1896072)

My apologies if this is already answered but i'm short for time at the minute:

Does it log IP addresses of potential DDoS attempts?

This is my respond to a similar concern :)

Quote:

It was one of my concern when I first start coding the mod. I believe generating logs during an attack will consume alot of server resource and I want the minimize the amount of damage to the forum so log feature has been removed.

Quote:

Originally Posted by jchamber2010 (Post 1896327)

I can make your website think my browser is the Google Bot, so it's either going to let me in, and believe that I'm the googlebot OR it's going to be blocking the real googlebot

The two other protection is the 2nd layer protection and cookie check ;) , too many requests will disable the session no matter if the visitor is bot agent or not.

Quote:

Originally Posted by Dr.LoVe (Post 1896514)

Parse error: syntax error, unexpected ':', expecting ')' in /home/xxx/public_html/vb/dnp_fw_config.php on line 29

??

You have done some misconfiguration. Try to use the original file or post the content of your dnp_fw_config.php and I'll check for you.

i didn't do anything just add my website link look here

Code:

<?

//List of Search Engine Agents

$UserAgent = array(

        'Googlebot',

        'msnbot',

        'slurp',

        'fast-webcrawler',

        'Googlebot-Image',

        'teomaagent1',

        'directhit',

        'lycos',

        'ia_archiver',

        'gigabot',

        'whatuseek',

        'Teoma',

        'scooter',

        'Ask Jeeves',

        'slurp@inktomi',

        'gzip(gfe) (via translate.google.com)',

        'Mediapartners-Google',

        'crawler@alexa.com'

);



//Your forum *domain only*

//Define domain with and without www

//Do not add trail at the end

//Example : 'google.com' , 'www.google.com'

$Forum_domain = array(

        ‘http://xxxx.com’,

        ‘http://www.xxxxx.com’,



);



//2nd Layer Flood Protection enable ?

//1 to enable , 2 to disable

$config['dnp_firewall_2nd_layer'] = 1 ;



//Amount of time in second to show restrict message if a Flooding attack is determined

$config['dnp_firewall_wait_time'] = 10 ;



//Amount of penalty to be considered a Flooding attack. 

//Every time multiple requests sent to the forum in less than few a second, penalty count increased by 1.

$config['dnp_firewall_penalty_allow'] = 6;

?>

And another thing if you don't mind could you tell me when should i upload those files ?
( public_html or vb file )??

thanx

Quote:

Originally Posted by Dr.LoVe (Post 1896689)

i didn't do anything just add my website link look here

And another thing if you don't mind could you tell me when should i upload those files ?
( public_html or vb file )??

thanx

It's nothing much wrong, only that you have to use the right single quotes :). Here is the fix :

PHP Code:


		
			
<?

//List of Search Engine Agents

$UserAgent = array(

    'Googlebot',

    'msnbot',

    'slurp',

    'fast-webcrawler',

    'Googlebot-Image',

    'teomaagent1',

    'directhit',

    'lycos',

    'ia_archiver',

    'gigabot',

    'whatuseek',

    'Teoma',

    'scooter',

    'Ask Jeeves',

    'slurp@inktomi',

    'gzip(gfe) (via translate.google.com)',

    'Mediapartners-Google',

    'crawler@alexa.com'

);



//Your forum *domain only*

//Define domain with and without www

//Do not add trail at the end

//Example : 'google.com' , 'www.google.com'

$Forum_domain = array(

    'http://xxxx.com',

    'http://www.xxxxx.com',



);



//2nd Layer Flood Protection enable ?

//1 to enable , 2 to disable

$config['dnp_firewall_2nd_layer'] = 1 ;



//Amount of time in second to show restrict message if a Flooding attack is determined

$config['dnp_firewall_wait_time'] = 10 ;



//Amount of penalty to be considered a Flooding attack. 

//Every time multiple requests sent to the forum in less than few a second, penalty count increased by 1.

$config['dnp_firewall_penalty_allow'] = 6;

?>

excellent mod nominated thanks :)

Back with a little update, it's been about 3 weeks since installing, and I've had absolutely no spammers! That's definitely a nice change from the 1 a day I was getting beforehand. ;)

This thing rocks!

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code_printable (1)bbcode_php_printable (9)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01415 seconds Memory Usage 1,761KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code_printable (1)bbcode_php_printable (9)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: