DnP Firewall : SEO Friendly Double-Protection Layers against Flood / DoS / Spam Bots
 

DnP Firewall Gateway was designed to stand against the massive DoS attack targeted DnP Network? few years ago. Upon installed, it has been reducing the severe level of many incidents and preventing my forum from being overload ever since. It also nearly blocks away all the automated bots that come to register for spamming on the forum. The last release was almost 3 years ago and there had never been any update to the MOD. Version 0.3 came with many issues though it was very stable. I decide to give another upgrade and simplify the code a little for another release. Don't hesitate to install DnP Firewall Gateway for your forum and hope you will find it as useful as I do.


1 - Use this simple Firewall to protect your ( vBulletin / phpBB / SMF / IPB / etc.. ) forum

1. Deny unwanted Bots
2. Reduce Spamming
3. Block Flooding Attack
4. Partially weaken DoS
5. Prevent automated malicious scripts pass through

2 - Side features

1. Increase your Adsense Impression and Revenue.
2. Act as an Introduction page for your forum.
3. SEO Friendly. (DnP Network has this firewall installed for more than 2 years. Google Search : silveryhat returns 29,000+ results)
4. No query executed / Extremely fast

3 - Installation for vBulletin Forum

a. Upload all files from package to your forum_root
b. Open global.php using Notepad. (Why global.php ? Because global.php is the core file of vBulletin system , it is also the initial startup file that calls important database queries and keeps sensitive information. The Firewall comes before any of the processes run to prevent direct damage to the forum. That is the reason why DnP Firewall does not use any hook or come as an automatic plugin like other MOD)

Find
Add BEFORE

Simply remove this line to deactivate the firewall

c. Save and Reupload global.php to your server. Done!

3b - Upgrade
Simply perform step *If you have custom layout, do not overwrite dnp_fw_template.php*

4 - Note

Eventhough the DnP Firewall Gateway could reduce the damage of a flooding attack, it does not guarantee that all of the negative affects of an attack could be avoided. I do not hold any responsibility for such matters. As an administrator you should know that there is not software firewall that could be as effective as a hardware firewall.

You are free and encouraged to modify the Layout of the Gateway page in dnp_fw_template.php but please respect the copyrights notice of the author. Additional templates are also available if you'd want different look. (How to change DnP Firewall Template)


DnP Firewall Gateway also acts as an Introduction page for your forum if you fill it up with rich information content of your site. Adsense or other Ads could be placed here to maximize your revenue since every visitor will need to pass by this Introduction page. It almost 100% guarantees that your CTR or Page Impression will raise quickly.

5 - Compability

This MOD can be used with almost any system that runs PHP. Compatible with all vBulletin forum from 3.0.x to 3.8.x

It should not conflict with any existing MODs on your forum.

DnP Firewall Gateway consumes very little server resource because on the surface, it is just a simpe webpage. It does not execute any query, therefore your database will not be affected under any circumstances by this MOD.

DnP Firewall Gateway could together be used with InV-Firewall Script to act as doubled-firewall system that 2 x the strength against Flood /DoS Attack with bonus of denying malicious query and tracking access.

DnP Firewall Gateway is also compatible with DnP Instant! AJAX/SEO Musicbox & News smart anti-flood protection that brings extra power to the firewall. The 3 firewalls, DnP Firewall Gateway - InV-Firewall Script and Smart Anti-Flood from DnP Instant! AJAX/SEO Musicbox & News can be used altogether to triple the strength.

6 - History Log

v1.4

1. Optimize firewall structure
2. Optimize 2nd-layer protection

v1.3

1. Add 2nd layer protection
2. 3 more options for 2nd layer protection in config file

v1.2 Beta

1. Improve Firewall Stability
2. Add Domain option
3. Separate config file

7 - Useful links

1. Setup Domain List for DnP Firewall Gateway
2. How to change DnP Firewall Template
3. What are the Search Engines allowed by DnP Firewall Gateway ?
4. Branding-Free License of DnP Firewall Gateway
5. Detail information about DnP Firewall 2nd Layer Protection
6. Templates collection

how to make it gorup user depend on
?
and also you should think about google and others bot will be affected by this way

Good questions, and I think many have the same so here's your answer :rolleyes:

1 - A firewall itself does not need to differ usergroups. When you first come to a forum you are not logged in, therefore how you could have a usergroup? It is also not necessary because any established connection is potential to be a problem, even the admin account if it falls into wrong hand. It's better safe than sorry my friends. And, without checking usergroups, the firewall remains intact to any database query, that is the goal of this firewall as well.

2 - For Google and other bots, you missed

http://img200.imageshack.us/img200/80/61103220.jpg

Example : DnP Network has installed this firewall for last few years. Google Search : DnP Network returns 2,800+ results. Yahoo Search returns 5,600+ results. And of course, the new-born Bing Search, only returns 190+ results at the moment :(

You can find more details at What are the Search Engines allowed by DnP Firewall Gateway ?

thank you for this great hack
i will try and comeback

Excellent Installed :up:

Please kindly check for any bugs so I can quickly improve the MOD :)

I think the fact that a guest has to pass this gateway many off them will leave the site before entering it.
Can´t you install a automatically redirecting?

There are the advantages of this mod if you think about vbfirewall?

Maybe a bug ?

we have installed this on our main site and test site, on the test site we have no problems at all :)
but on our main site the gateway page and our login page keeps redirecting to and fro each other and will not let you login.

it does this with or without using www in the url.

any ideas ?

what vBFirewall does is to sanitize malicious query sent to the forum. It does not block any Flood attack , or Spamming or DoS. Even though it's named vBfirewall, its function is totally different than Dnp Firewall Gateway. It's also recommended to use both to empower the security level of your forum.

Automatically redirecting is absolutely a No. The reason is if a bad connection approaches the forum, we don't want to transfer it inside. And we cannot differ a good and bad connection. So again, better safe than sorry.

Is there a list of functions that are disabled on the main site?

Version 1.2 is ready for download ;)

In this version, the firewall has been improved on stability. The config file is separate.

New option allows domain restriction, which means firewall only accepts requests from this domain (security purpose). The setting can be changed via dnp_fw_config.php

Please kindly follow upgrade instruction on first post if you already install DnP Firewall Gateway

Sweet, Im Checking this out !

;) Leave a feedback soon!

Sorry for the late reply but we have managed to sort it out now thanks

I have vbadvanced as the homepage. Do I need to add that to the config also?

Thanks for letting me know. If you would not mind to share the solution, please pm me how you managed to fix it. It will be documented for future references.

The firewall starts up before any of vBulletin scripts begins to run, so you need not to worry about it conflicts with any modifications, or none that I have found so far.

Will this affect normal, non-bot, traffic?

Very nice silveryhat and yes I dropped the ball on your install video for the DnP Musicbox but if you still need it PM me, I'll get it done ASAP!

S-MAN

Edit: Ok pm me about the MusicBox... have not DL'd an update yet but this mod here has no install instructions.. I see them above in the post and it should be simple but us coders know how many members are so I'll make a video for this and get it to you tomorrow.

perfect work :)

Here must config? like that?

//Your forum *domain only*
//Define domain with and without www
//Do not add trail at the end
//Example : 'google.com' , 'www.google.com'
$Forum_domain = array(
'http://yourforum.com',
'http://www.yourforum.com',

Could you name some of those ? Besides, you can check this topic for detail information What are the Search Engines / Bots allowed by DnP Firewall Gateway ?

:) it would be good too and thank you very much. There is not only install instruction needed but also the other advanced configures, I'm trying to get all of them written down.

Yup. It'd be your forum domain. You can add more than just two if you have more than 1 domain set. This Setup Domain List for DnP Firewall Gateway , may also help you on the way.

yup thanks if work i tested it The site made doss :D

All I have to do is mow the yard (woohoo lol) since it's cool outside and after that the install video. Get that info to me and I'll make another one for the advanced features, if it's anything server dependant please be aware my host might not be setup exactly the same to provide what others could already have in place so that might hinder showing the results etc but we'll see what the advanced options are and do the best we can. Can you host the video or is bandwidth a problem? Let me know... ok BRB (Big Back Yard with a push mower so most likely 2-3 hours).

S-MAN

Shouldn't that $_GET variable be sanitized or at least checked that it is for the same site? Not sure if it can be abused as an open redirect but it's better to be safe than sorry.

Also, $HTTP_SERVER_VARS is deprecated ($HTTP_SERVER_VARS['HTTP_USER_AGENT']). You should use $_SERVER. :up:

;) yes i can host the file just fine. Take all the time that you need and don't worry about advanced options. It's better to have a clean, basic setup instruction

:rolleyes: though $_GET is sent, if you check carefully it is not used anywhere. And the domain check is already available since we have Setup Domain List for DnP Firewall Gateway . I know $HTTP_SERVER_VARS is old...but believe it or not I ran into some incompatibility issue of using $_SERVER. So I have to keep it safe. I might provide information related to the change to $_SERVER, but I would not directly do that on the code just to avoid problems.

In version 1.3 there will be one more layer of protection besides the firewall itself :)

Thanks For Update To 1.3, Installed And Working With No Problems :up:

interesting mod, I've tagged it

Installed and Nominated :)

Thanks for update

Installed working great

silveryhat any idea without Enter page :S:(

Please report if any problem occurs :)

Is there any message ? Any error ? or screenshot ..

1 problem im a having is the that message

Multiple Requests have been directly targeted our forum, as the result the current access is temporarily restricted for 10 second(s)

Is being displayed in shoutbox and in Top 5 Stats aswell on forum and I have had to dissable 2nd Layer Flood Protection to stop this happening.

Is there anyway to stop this? Regards

This second layer is useless on a forum with a shoutbox or a java tabbed content box.

Every refresh trips the firewall and messages appear all over the forum,after @ 2 minutes the screen disolved into a mess of broken images.........:(

Uninstalled as it is interfering with ping backs and monitoring provided by my host.

You guys forgot to change the 2ng layer config to have it adapted to your forum :). On some board the default configuration should be fine while on some other board with active AJAX shoutbox a little change might be necessary. Open config file and set

Detail information about DnP Firewall 2nd Layer Protection

I Have Installed Cyb Advanced 'New Posts' (AJAX),Cyb Advanced Forum Statistics, Cyb - ChatBox,And It Seems That Because There Auto Refreshing That Its Causing Firewall To Trigger The Message

i have already tryed setting this to a few diffrent setting atm it is set at

I pull this information from the Detail information about DnP Firewall 2nd Layer Protection for you. Though it is titled as Advanced, it is not very hard to do

In your case any value from 2-5 would work, also depends on how fast other ajax mods refresh themselves :erm:

Thanks just edited dnp_fw.php amd changed setting,
Ill see if that sorts it Apprciated :up:

Anytime. As you see, the 2nd Layer protection is a bit powerful and sensitive.