vb.org Archive - Administrative and Maintenance Tools

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 4.x Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=245)

- - Administrative and Maintenance Tools - [DBTech] vBSecurity v2 (vB4) (https://vborg.vbsupport.ru/showthread.php?t=276228)

Quote:

Originally Posted by Soidberg (Post 2416440)

Could you make it possible to position Data[IPADDRESS] at a random place within the phrase ("dbtech_vbmail_security_alert_body"&"dbtech_vbsec urity_access_new_ip_message")?. Like: $IPADDRESS ?

I want to restyle the email text completely with a new location of the IP address.

sry for my horrible English :o

You can translate the phrases via the Phrase Manager. Why would you want to randomise the location?

Quote:

Originally Posted by Soidberg (Post 2416580)

Dear DragonByte Tech,

I have an Idea which perhaps could be easily integrated within vBulletin. I? very interested in what you think about it.

My idea is about DDoS protection for vBulletin by Cloudflare. Cloudflare is focussed on DDoS protection and offers great free services for the public. Since Cloudflare provides a webservice API via an API Key, the DDoS protection of Cloudflare can be utilized by just invoking URIs by vBulletin to block attackers right in the Cloud so they even can reach the target system.

The technical approach is done by invoking URIs for blocking and unblocking IP addresses. A block could be triggered by any relevant alert to be defined by the vBulletin operators to fit their needs.

In vbulletin it could look like this ...

Admin Panel Menu (example):
Attachment 144558

Action (example):
Attachment 144560

Options (for example):
Attachment 144559

All you need is a free account with Cloudflare, the generated security tokens and of course your addon. :)

Example Block:

HTML Code:

https://www.cloudflare.com/api.html?a=ban&key <IPADRESS> = & u = EMAILUSER@EMAIL.com & tkn = TOKEN

Example unblock:

HTML Code:

https://www.cloudflare.com/api.html?a=nul&key <IPADRESS> = & u = EMAILUSER@EMAIL.com & tkn =TOKEN

Note: Since Cloudflare is acting as a reverse proxy operators should install mod_cloudflare for apache to see real origin IP addresses instead of Cloudflare proxy IP addresses....see here.

regards
Soidberg

Definitely an interesting idea, if you re-post it over at our forums we'll be sure to take it into consideration for future versions :)

Fillip

i do wonder ... would be possible to add usergroup watcher / protector into this plugin ?

so nobody can mess with such groups (adding users) ?

There already is a watcher - it's a Pro-only feature.

Protectors are covered by your AdminCP permissions, which is a default vBulletin feature.

Fillip

Update

Hotfix: PHP 5.4 Compatibility fixes

This does not guarantee the mod is error free on PHP 5.4, but it will take care of the reported errors. Thank you all for your reports :)

Fillip

Quote:

Originally Posted by DragonByte Tech (Post 2452383)

Update

Hotfix: PHP 5.4 Compatibility fixes

This does not guarantee the mod is error free on PHP 5.4, but it will take care of the reported errors. Thank you all for your reports :)

Fillip

Hi I see it logs all user login attempts but I see no option to prune the log is it possible?

I upgraded to 1.1.1 today and now see this on the top left, every time I sign into ADMIN CP:

Quote:

IP Address Verifier
Current IP Address
1.2.3.4
Stored IP Address
N/A
Mismatch
[Admin Access Log]

(my real ip is the current, not 1.2.3.4 - changed for security reasons)

I'm not sure how to fix this, to make the notice go away. When I disable this mod temporarily, it goes away. My user id IS set up as a super administrator in config.php and I have even whitelisted the ip in the settings for this add-on.

Any suggestions appreciated

Rhody

Ah disregard. The next day it had my real ip in both sections. I guess the first time it hasnt saved/logged your IP yet. (resulting in the mismatch error)

Hi, This Works for vB 5.0.5? :confused:

<a href="https://vborg.vbsupport.ru/attachment.php?attachmentid=135371&d=1325289905" target="_blank">Is this option only in the pro</a>

I think I found a bug in version 1.1.1

On my 4.2.1 patched system, this has happened twice in the past month.

I have multiple admins and if an admin enters the wrong password just ONCE, it treats it like 25+ brute force attempts. It takes action with one attempt, ignoring the settings for # of attempts.

Under SECURITY WATCHERS: GENERAL - I have:

Quote:

12 AdminCP access attempts from SAME IP ADDRESS attempts in 1 hour: Email Webmaster

25 AdminCP access attempts from ANY IP ADDRESS attempts in 1 hour: Email Webmaster, Close Forum, Ban IP

Twice it has set off both of the above (two emails, closed forum, etc) for a single wrong password attempt.

I have temporarily taken away its ability to close the forum, because I was out yesterday and it shut down the forum for almost 5 hours.

If I can help in any way to help duplicate/identify this behavior - don't hesitate to email me.

Thanks
Rhody

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_html_printable (5)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01120 seconds Memory Usage 1,747KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_html_printable (5)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: