|
On my board it blocks some users from managing their subscriptions. Will have a look to the source of the mod to fix this. But maybe someone has already an idea?
sf |
Hi,
is it better than using cback for such attacks ? Thanks in advance for your efforts. |
Would be Nice to Have an Option to Use a Silent Report But Not Blocking Action and another to have Silent Report and Action to Block the Intrussion.
I Hope the Bugs on this Mod can be Fixed, I think is Important to Identify Agressions and Block Intrusions with this Mod and also to Block IPs with a Mod like "Miserable Users" to Block those Users from even Accessing the Forum. My Best Regards. :) |
Until this can differentiate a legitimate request from my users and an actual hostile attack, I'm going to have to refrain from installing again. Sorry, not quite ready for prime time.
|
Can there be Added an Option to Somehow Specify the Structures of Valid Requests so that the Firewall can Check that List and Not to Block any Valid Request Specified there? :confused:
This Way the Problem with the Subscriptions and other Requests can be Solved by Adding that Correct Structure to the List and the Firewall Not to Block it Again. This Way Also Admins that Identify a Valid Structure that was Blocked by the Firewall by Mistake, can Post the Valid Structure here for other Admins to Use the Valid Code on their Boards. Is Just an Idea, I Hope is Possible to Apply it. ;) My Best Regards. :) |
Idea: I'd be Nice to Add the Date and Time of the Attack on the "logfile_worms.txt" File.
For it Not to Block the Pages but Work on Silent Mode, the Following 2 Lines Should be Commented (Adding the //): Code:
// echo $ctr_logfile;Code:
// die("Access Denied, you have been logged.");Code:
// echo $ctr_logfile;"). Code:
// die("Access Denied, you have been logged.");:) |
Idea: I'd be Nice to be Able to See via Admin Control Panel the content of the File "logfile_worms.txt" File.
Recommendation: Change the Name of the File "logfile_worms.txt" on the following Code of the FireWall Plugin, so that No Sensible Information can be Viewed by Anyone. Careful with this, some AdminCP Addresses are Saved on that File). Code:
$file = "./logfile_worms.txt";Also, in the First Log there's an Error Code that Will Appear at the Top of the Page; make sure your Board is Disabled because on that Error Message appears the Name of the File; also on the second Log and later No Error Message will Appear, (only on the first one). This Mod is Very Useful, Thank You For Sharing It, I Managed to Locate some IPs that I think were causing Problem and I Blocked Them with Miserable Users Hack with the IP and Setting the Options of that Mod to the Maximum (Completely Blocking those IPs). :up::up::up: This Mod and the Miserable Users Hack, will make Miserable the Life of Board Hackers. ;) My Best Regards. :) |
^ if you wanted to have it integrated into the admin cp I think that it would be more effecient to rewrite the mod to create a new table called worms or something and then just to write a code to display the contents of the file the way you see fit.
|
I Noticed Today that the File that Contains the Log Self Delete it's Content, I guess every time it reaches ??? Kb, so there is No way in the Current Stage of the Mod to Save the History of it, and as it Detects some Actios of the Google Bots as Hack Attempts the E-mail Notification Fills the E-mail with Junk. :(
I guess there's more Work to do in the Plugin to be More Accurate in the Hacking Detection and Not Activities that are Not Harmful to the Board. ;) My Best Regards. :) |
Hey, I'm having a problem with vBFirewall.
If it's enabled and I go to Usergroups > Administrator Permissions > View Control Panel Log it gives me this error "1||1235699733||||||||Error Opening Logfile." (Semi-random numbers each time). If I disable vBFirewall this doesn't happen. It happens in other random places too, same error. It also emails me saying that vBFirewall has prevented an attack whenever I view the page. Any ideas? |
Quote:
|
Quote:
|
Quote:
Any ideas? |
is this protect from spam
|
It works, tryed to hack own page, thank you
|
Installed it and the logs were showing some things but no details, and it also blocked me from modifying my cookies and http header options.
So i disabled it for now. |
I have a few recommedations for this
Firewall which automatically checks links against a blacklist database (Custom scripted database in the Admin CP) if its there, it blocks connection/linking to it. Upload logs and details. In the firewall when a member/user uploads a file it automatically Logs the IP, file name, description and what it contains. --DOWNLOADED-- |
Doesnt work with vBAdvanced in the AdminCP. If you want to open vBAdvanced settings in AdminCP you get a security notice
|
thanks
|
i used it, but have some error.
examples: i click more..very fast into a link in forum...have a errors Quote:
and i use mysqldumper for backup, but also have errors this. i try again by disable this hack mod, but still errors, i cant backup database... remember history? when disable this hack mod? plz..help me! |
This sounds like a great idea, but the last few pages sound like there's too many bugs at the moment. Please keep up the good work though, I'm sure EVERYONE will want to use this if you can get it working smoothly without the problems people have mentioned here :)
|
Developer Last Online: Dec 2008
Looks like we're on our own with this one. |
Quote:
http://www.onlineconversion.com/unix_time.htm |
Why can´t i do everything in the admincp anymore?
In the Vb options i can´t edit cookies for example... |
Thanks For This Job
I Will Download And Tes :) |
this hack mod...not good, plz help me.
Quote:
|
I am also having problems with the subsriptions, any news about it?
Thanks |
Quote:
What does that mean, Does it impact on the search spiders or her? and thanks :confused: |
Very nice, it caught someone hacking today.
Quote:
|
i think need update this.
plz update 2009 |
|
Hey this is a great plugin, and it is working perfectly on my forum. Last weekend the firewall prevented 3 hack attemps. Så thanks m8
|
Are you sure?
The problem I see with this plugin is it does NOT differentiate between valid requests from the membership and real attempts to hijack the board. It reminds me a little bit of the early versions of Zone Alarm that popped an "Oh My Lord" message every time a packet hit the PC. The uninformed would then panic and scream bloody blue murder that someone was trying to attack their PC, when in fact, all it that happened was a query packet was received from the DNS. Until this plugin can tell what's valid and what isn't, people should not put much faith in what it reports as an attack. |
Thank you for the hard work
keep it up dude ;) |
Quote:
|
Too many holes.
Uninstalling. |
Thank you very much
|
Quote:
Code:
$securityexclusions = array( |
Waiting till the Gold version still.
|
Sounds interesting. But what exactly does it prevent?
|
| All times are GMT. The time now is 12:47 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|