vb.org Archive
Page 17 of 27 « First 71516 17 1819 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.8 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=235)
-   -   vBFirewall v1.0 (https://vborg.vbsupport.ru/showthread.php?t=196791)

StarFire 02-23-2009 07:29 PM
On my board it blocks some users from managing their subscriptions. Will have a look to the source of the mod to fix this. But maybe someone has already an idea?

sf

rul3z 02-24-2009 12:11 PM
Hi,

is it better than using cback for such attacks ?

Thanks in advance for your efforts.

inciarco 02-25-2009 06:18 PM
Would be Nice to Have an Option to Use a Silent Report But Not Blocking Action and another to have Silent Report and Action to Block the Intrussion.

I Hope the Bugs on this Mod can be Fixed, I think is Important to Identify Agressions and Block Intrusions with this Mod and also to Block IPs with a Mod like "Miserable Users" to Block those Users from even Accessing the Forum.

My Best Regards.

:)

Biker_GA 02-25-2009 06:34 PM
Until this can differentiate a legitimate request from my users and an actual hostile attack, I'm going to have to refrain from installing again. Sorry, not quite ready for prime time.

inciarco 02-25-2009 06:52 PM
Can there be Added an Option to Somehow Specify the Structures of Valid Requests so that the Firewall can Check that List and Not to Block any Valid Request Specified there? :confused:

This Way the Problem with the Subscriptions and other Requests can be Solved by Adding that Correct Structure to the List and the Firewall Not to Block it Again.

This Way Also Admins that Identify a Valid Structure that was Blocked by the Firewall by Mistake, can Post the Valid Structure here for other Admins to Use the Valid Code on their Boards.

Is Just an Idea, I Hope is Possible to Apply it. ;)

My Best Regards.

:)

inciarco 02-25-2009 07:13 PM
Idea: I'd be Nice to Add the Date and Time of the Attack on the "logfile_worms.txt" File.

For it Not to Block the Pages but Work on Silent Mode, the Following 2 Lines Should be Commented (Adding the //):

Code:
// echo $ctr_logfile;
Code:
//    die("Access Denied, you have been logged.");
Edit: I Think is Better to Keep at least the First Code Line Disabled, because It Displays Important Data of the Board to the Hacker. (Careful with That).

Code:
// echo $ctr_logfile;
Edit: Also Careful with the Second Line, because it'll Block Google Bots so your Board wont be Properly Indexed. (Many Log Results are from Google Bots "||||Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
").

Code:
//    die("Access Denied, you have been logged.");
My Best Regards.

:)

inciarco 02-25-2009 08:02 PM
Idea: I'd be Nice to be Able to See via Admin Control Panel the content of the File "logfile_worms.txt" File.

Recommendation: Change the Name of the File "logfile_worms.txt" on the following Code of the FireWall Plugin, so that No Sensible Information can be Viewed by Anyone. Careful with this, some AdminCP Addresses are Saved on that File).

Code:
        $file = "./logfile_worms.txt";
Name it Anyway You'd Like, so that Only You Know About It.

Also, in the First Log there's an Error Code that Will Appear at the Top of the Page; make sure your Board is Disabled because on that Error Message appears the Name of the File; also on the second Log and later No Error Message will Appear, (only on the first one).

This Mod is Very Useful, Thank You For Sharing It, I Managed to Locate some IPs that I think were causing Problem and I Blocked Them with Miserable Users Hack with the IP and Setting the Options of that Mod to the Maximum (Completely Blocking those IPs). :up::up::up:

This Mod and the Miserable Users Hack, will make Miserable the Life of Board Hackers. ;)

My Best Regards.

:)

Notorious Jay 02-26-2009 01:23 AM
^ if you wanted to have it integrated into the admin cp I think that it would be more effecient to rewrite the mod to create a new table called worms or something and then just to write a code to display the contents of the file the way you see fit.

inciarco 02-26-2009 01:44 AM
I Noticed Today that the File that Contains the Log Self Delete it's Content, I guess every time it reaches ??? Kb, so there is No way in the Current Stage of the Mod to Save the History of it, and as it Detects some Actios of the Google Bots as Hack Attempts the E-mail Notification Fills the E-mail with Junk. :(

I guess there's more Work to do in the Plugin to be More Accurate in the Hacking Detection and Not Activities that are Not Harmful to the Board. ;)

My Best Regards.

:)

Wicked One 612 02-27-2009 12:02 AM
Hey, I'm having a problem with vBFirewall.

If it's enabled and I go to Usergroups > Administrator Permissions > View Control Panel Log it gives me this error "1||1235699733||||||||Error Opening Logfile." (Semi-random numbers each time). If I disable vBFirewall this doesn't happen. It happens in other random places too, same error. It also emails me saying that vBFirewall has prevented an attack whenever I view the page.

Any ideas?


All times are GMT. The time now is 09:36 PM.
Page 17 of 27 « First 71516 17 1819 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01229 seconds
  • Memory Usage 1,746KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (5)bbcode_code_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete