vb.org Archive
Page 20 of 27 « First 101819 20 2122 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.8 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=235)
-   -   vBFirewall v1.0 (https://vborg.vbsupport.ru/showthread.php?t=196791)

shrian.al7b 04-29-2009 11:42 AM
thnxxxx alot bro

www.2oman.net

tspaetten 04-30-2009 09:26 AM
Hey this is a great plugin, and it is working perfectly on my forum. Last weekend the firewall prevented 3 hack attemps. Så thanks m8

Biker_GA 04-30-2009 02:17 PM
Are you sure?

The problem I see with this plugin is it does NOT differentiate between valid requests from the membership and real attempts to hijack the board. It reminds me a little bit of the early versions of Zone Alarm that popped an "Oh My Lord" message every time a packet hit the PC. The uninformed would then panic and scream bloody blue murder that someone was trying to attack their PC, when in fact, all it that happened was a query packet was received from the DNS.

Until this plugin can tell what's valid and what isn't, people should not put much faith in what it reports as an attack.

WebCraker 04-30-2009 08:32 PM
Thank you for the hard work
keep it up dude ;)

tspaetten 05-03-2009 03:54 PM
Quote:
Originally Posted by Biker_GA (Post 1801823)
Are you sure?

The problem I see with this plugin is it does NOT differentiate between valid requests from the membership and real attempts to hijack the board. It reminds me a little bit of the early versions of Zone Alarm that popped an "Oh My Lord" message every time a packet hit the PC. The uninformed would then panic and scream bloody blue murder that someone was trying to attack their PC, when in fact, all it that happened was a query packet was received from the DNS.

Until this plugin can tell what's valid and what isn't, people should not put much faith in what it reports as an attack.
Hey m8, yes i am sure, so i am happy for this hack.

Kayden 05-29-2009 08:54 PM
Too many holes.

Uninstalling.

berrada 06-04-2009 11:40 AM
Thank you very much

accludetuner 06-13-2009 11:05 PM
Quote:
Originally Posted by MrEyes (Post 1670137)
Good mod, fantastic idea, however the subscription issue is something of a show stopper. So I decided to look into it.

The reason the "firewall" kicks in on the subscription page is that one of the security rules is 'script', and quiet rightly so. However due to the checking method used, the firewall kicks in when it sees:

do=viewsubscription

Notice the bold/underlined part

The good news is that this can be resolved, but it is a hack to the mod. The following instructions explain what needs to be done, if you want to implement it then I strongly recommend first testing it on an test server. Hopefully this will help the mod dev makes this mod one of the best available here:

Right, you need to goto:

ACP -> Plugins & Products -> Plugin Manager

Once there look for the entries for "Product : vBFirewall", this should only have one plugin called 'vBFirewall' which uses the 'init_startup' plugin. Click edit

Copy all the text in 'Plugin PHP Code' into notepad.

Now follow these steps:
  • Find the line that reads:

    Code:
    'st=-', 'cat%20', 'include', '_path=');
  • On a new line immediately after this paste in:

    Code:
    $securityexclusions = array(
            'do=viewsubscription'
    );
  • Find the line that reads:

    Code:
    $cracker = strtolower($cracker);
  • On a new line immediately after this paste in:

    Code:
    $cracker= str_replace($securityexclusions, '', $cracker);

Once done, copy all the edited text in notepad back into the 'Plugin PHP Code' in ACP, then click save

What this is actually doing is creating an extendible security rule exclusion list, so if any other VB queries string invoke the vbFirewall you can add another exclusion.

IMPORTANT : I have only run this on a basic test server I have, do not try this unless you are absolutely comfortable with plugins/php etc.

A here are some suggestions for the next version:
  • Rather than add the logs to a flat file on the server store this in the DB and then create an ACP page to view/search/manage logs
  • Add option to send a PM or Email or both
  • If a specific IP invokes the firewall more than X times in Y seconds/minutes auto place this IP on the vBulletin ban list.
  • If a specific IP can be associated to an actual forum user account auto ban that user.

One other teeny weeny little thing, you need to mention that this is based on the GPL licensed code found here : http://www.cback.de/cback_software/standalonect.php ;)

EDIT: Later in this thread I have posted an additional fix for vbAnonymizer users
Thank you for that work around. Here's the list of everything in my array that got the subscription/unsubscribe features to work properly. It took all of them for it work properly:
Code:
$securityexclusions = array(
        'do=viewsubscription','do=removesubscription', 'do=addsubscription', 'do=doaddsubscription'
);
Awesome mod!!!

SuperTaz 06-14-2009 12:05 AM
Waiting till the Gold version still.

akanevsky 06-14-2009 12:15 AM
Sounds interesting. But what exactly does it prevent?


All times are GMT. The time now is 08:10 PM.
Page 20 of 27 « First 101819 20 2122 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01458 seconds
  • Memory Usage 1,747KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (5)bbcode_code_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete