hello i think should update it

Works great so far! *clicks install*

So, a user visits my site and the first thing that is displayed is this? Is that correct?

Thanks,
Curt

Yes, it applies to everyone but search engines.

i have this issue please fix

Warning: session_start() [function.session-start]: open(/tmp/sess_b22c70d5b06ff6082f4112d732e050ab, O_RDWR) failed: Permission denied (13) in /home/xxxxx/public_html/dnp_fw.php on line 3

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/vnairp11/public_html/dnp_fw.php:3) in /home/xxxxx/public_html/dnp_fw.php on line 3

it used to work but ever since i transferred the site this has been happening and i love this mod pleas help..

OK, one more thing. Would this happen only once and be based on cookies or will it happen every single time to a user?


Thanks,
Curt

As long as the user session alive, the firewall gateway does not appear again. ;)

This is a server side misconfiguration. If you could contact your host provider, mention that apache temp folder for function session_start is not writable by local script.

I am unsure about installing this mod. Recently I've been receiving DDoS attacks, about 300 zombies were flooding my forum with a UDP flood... Will this help me lol? I get flooded by medium attacks like 300-500 zombies. =\

Will this have any effect or save my forum? I hate having my host banning all the IP's and I soon find out half my members were infected with botnets. This has all been fixed but, still I'm bracing for another DDoS attack soon.

On a scale of about 1-10

If I got DDoSed by about 100 zombies, would my forum still load with this hack?
Normally if I get attacked by 100 zombies I do lose connection to the server -

Thanks man I've been looking for a good firewall for preventing DDoS. I'm sad hostgator doesn't offer ddos hardware protection.

How hard it to change your Useragent? I know that in firefox it is really quite easy to do using About:Config, same with seamonkey. This wouldn't offer protection at all if the DDoSer knew about it.

Thank you for this awesome mod, hopefully it does the job
it is suppose to do. Keep up the great work silveryhat!!

Regards,
Kev

On the situation of 100+ bots , the firewall could reduce the attack 20-80% theoretically, depend on what technique it uses and what type of flooding it is, xFlash or IMCP flooding etc...

As the matter of fact, you should also deny these ips or the the ones cause the most requests during the flood occurrence , then remove the list after it has gone.

It still has two layer of protections even if user-agent is fake. You can give it a try :)

I'm developing a newer version based on a new bounce back technique, still waiting for feedback from my professors though. ;)

My apologies if this is already answered but i'm short for time at the minute:

Does it log IP addresses of potential DDoS attempts?

I can make your website think my browser is the Google Bot, so it's either going to let me in, and believe that I'm the googlebot OR it's going to be blocking the real googlebot

Parse error: syntax error, unexpected ':', expecting ')' in /home/xxx/public_html/vb/dnp_fw_config.php on line 29

??

This is my respond to a similar concern :)The two other protection is the 2nd layer protection and cookie check ;) , too many requests will disable the session no matter if the visitor is bot agent or not.

You have done some misconfiguration. Try to use the original file or post the content of your dnp_fw_config.php and I'll check for you.

i didn't do anything just add my website link look here

And another thing if you don't mind could you tell me when should i upload those files ?
( public_html or vb file )??

thanx

It's nothing much wrong, only that you have to use the right single quotes :). Here is the fix :

excellent mod nominated thanks :)

Back with a little update, it's been about 3 weeks since installing, and I've had absolutely no spammers! That's definitely a nice change from the 1 a day I was getting beforehand. ;)

This thing rocks!

When i have this mod enabled, and when i click the image to enter my site, i get the following url: dnp_fw.php?dnp_firewall_redirect='.%24_SERVER['REQUEST_URI'].'

and the page just goes back to the DnP page. What am i doing wrong? It even does it when i didnt edit any DnP files. The website server is using a Firewall though that has HTTP filters to enabled to prevent exploits.

Also, your link to "InV-Firewall Script" leads to a page in another language, can you link to a page in english?

Thanks for the nice feedbacks guys, ;)

Have you tried to figure out what are being filtered by the web server firewall ? For all the time the firewall is just a type of plug and play mod, if there is something wrong it is more likely a misconfiguration for from the host side itself.

The firewall you are using seems to block or , like you describe, convert characters. This, more likely is used to avoid malicious query being executed but on the other hand it will interrupt the process of other MODs and for DnP Firewall apparently. What firewall are you using? Is it software or hardware? Because if it only blocks certain commands, it does not protect your site against flooding, dos and spambots.

Everything seems to be working fine here.

Just a small issue, on PHP files use LONG TAG like <?php not <? , if is disabled, cannot run.

I'd rather not say what firewall im using because it will open security issues.

What characters does DnP in the url tag?

Well. I finally figured out what was causing my problems! And it wasnt my firewall!

I changed all the <? of the DnP php files to <?php and now it works flawlessly!

P.S. silveryhat, can you edit your post id of 104 (this post) and remove your quote about my firewall info. I'd rather not have it online anymore.

P.S.S I'm trying to download INV firewall, but cant because theres no username to access the download page (there's only a password)

Is there a way to make it so when ever someone leaves my website and they come back it makes them go thorugh that portal again? I have to dissconnect from my internet then reconnect to get the gateway to pop up again when I re visit the site. When I leave the site, then open browser and go back to my site, it goes to my site and the gateway part does not pop up. I want it to pop up every time someone visits my site even if they leave it for 5 seconds.

I have done so ;)

This is a firewall script written by a local Vietnamese coder. Try Shacker and Delynie for the username and password to access. Further support of INV firewall is not available here because this topic is for DnP Firewall. However, you may ask about it on the official forum, which its link is provided below.

The gateway is designed to appear only once in the first time user establishes a connection to the forum. This session expires after an amount of time, depends on your server setting. Since the way you require is not how the firewall should work for everyone, you might want to make a personal request on the official forum.

Dear Silveryhat,

This script works good it stopped the spammers from attacking one of my pages, but I looked today and I have a few errors in my error log, can you help me fix them?

Here are the errors:

Thanks.

._. Are you sure the warning message comes from the firewall ? The firewall integrates itself into global.php not requiring it , while the error means showthread.php is looking for global.php but not found. It looks more like a intermittent server issue.

Now when i click the link in firefox i get the following error "Sorry, Connection from your IP Address is not allowed!" Clicking the link in IE shows my site normally. Any idea why its doing this suddenly?

Have you added your forum domain to the domain list in dnp_fw_config.php ? ( Setup Domain List for DnP Firewall Gateway )

Yes i added them.

The link works fine in IE, but in firefox it doesnt for some weird reason. It's been working fine previous days but suddenly stopped working.

Edit: NM i found the problem, my firefox had referrer header disabled. Enabling it again fixed it.

Has anyone here seen a decrease in traffic from both real users and bots using this hack?

It is SEO friendly.

I installed this 2 days ago and it appears to be working correctly, however 2 spambots still managed to register and spam our forum overnight??

I had to turn the flood protection off due to numerous complaints by members, but the firewall has been still functional up until this point... so not sure why it hasn't worked in these instances...

There is a different between spam bots and spammers. Those who can spam with the firewall on are not bots. They are human and they do that on purpose.

You are able to change the flood protection settings following this guide Detail information about DnP Firewall 2nd Layer Protection :)

Cant get this working on vb 4 any one know how ??? please :)

could be somthing to do with this but i dont know ??

define('VB_AREA etc isnt the first command in the global.php any more.

The fire wall just gets stuck on the gateway and wont go though to the forum.

Thanks in advance for your help...

its working for me but some users after clicking here to continue they are not redirected into the forum. why?