|
Just 2 advices:
- If you don't know what this does: Don't Install - If you think vBulletin will be vulnerable to the same sort of attacks a phpBB do install, otherwise don't. |
i dont know is any need of this hack in an vB, but the one thing you can profit of this hack is you can see any attempts of hack in the log
ok phpinfo() is blocked, but i dont think it is a good idea to share this info, only if you have always the latest Version of php installed and its true thats the problems of another boardsystem is not the same problem of vB, but i have found that vb 3.0.4+3.0.5 hase release because some problems with the santy an other holes only in an nice and wonderfull world everbody update her system and there boards just in time, this skript can block the one try of hack how hacked youre site in the time between release the new version and you have time to do the update ;) and if you have any blocked funktions on youre board, look at the log and found the part in the string how collided with the definations of the hack and replace it and whether you was attact whitout success in the last time you only can see in the logs of youre server or after an testtime in the log of this CT :) |
I thnk anyone that has alot of hacks, mods, and extensions in should install this just to patch up any unnecessary holes in the mods they used.
|
If you have your own server and want to spend a little time learning about how to configure mod_security for Apache, you can obtain peace of mind for all of the sites, forums and scripts you host.
That can be found over here: http://www.modsecurity.org/ |
Nice, used to use this back in the day..
|
This is a Great Addition For Security on my Board.
Thank You Very Much, Works Perfectly. |
this is fcking EXCELLENT, since mod-security is a handful and still not simple.
however, please make a version that skins the next time, so in other words make the error message on a normal vb page so its still in the forum theme colors etc. at least use the css.. thanku |
can you PLEASE have it log a few things
1. whatever the vb variable for the currently logged in username is, LOG THE USERNAME PLEASE :) :) 2. log the date better, like YYYY-MM-DD, so it sorts chronologically. this has nothing to do with country format it is common sense for computer sorting purpose, left to right. 2006-04-03 .. and have that be the first column ... see number 1 actually thats the main thing so you know if someone was logged, then know who they were |
I have added this to my forum all seems to be working ok or atleast I think so were exactly do I find the logs of attacks?
Thanks |
@sandalwood
1. no, on this hook are no userinfo avalible 2. this is possible at next release @devil Woman *youre forum*/elog/logfile_injects.txt (last 100 logs) *youre forum*/elog/counter.txt (count of all attacks) |
| All times are GMT. The time now is 01:56 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|