vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.8 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=235)
-   -   Administrative and Maintenance Tools - KX - Rename Config File (https://vborg.vbsupport.ru/showthread.php?t=198856)

Ziki 12-13-2008 10:00 PM

KX - Rename Config File
 
1 Attachment(s)
This modification was brought to you by
KXDesign
http://www.kxdesign.com/


~Modification name
Rename Config File

~Modification description
This modification allows you to rename or move the config.php file.This is to protect your sensible information and increase the security of your vBulletin board.

The majority of boards get hacked because a hacker uploads a malicious script to get hold of the config.php content.But if you move or rename it,there is no chance that they find out the location of it.

Tips & Tricks:

vBSEO - https://vborg.vbsupport.ru/showpost....1&postcount=24
Fool Hackers - https://vborg.vbsupport.ru/showpost....8&postcount=23

~Modification options
None

~Modification info
File uploads: 0
File edits: 1
Templates: 0
Template edits: 0
Plugins: 0
SQL Queries: 0
Phrases: 0
Settings: 0
Hooks: 0

Install time: 1 minute
Install level: Light

~Modification installation

Step 1: Open includes/class_core.php and find:

Code:

include(CWD . '/includes/config.php');

                if (sizeof($config) == 0)
                {
                        if (file_exists(CWD. '/includes/config.php'))
                        {
                                // config.php exists, but does not define $config
                                die('<br /><br /><strong>Configuration</strong>: includes/config.php exists, but is not in the 3.6+ format. Please convert your config file via the new config.php.new.');
                        }
                        else
                        {
                                die('<br /><br /><strong>Configuration</strong>: includes/config.php does not exist. Please fill out the data in config.php.new and rename it to config.php');
                        }
                }

And replace it with:


Code:

include(CWD . 'XXXXX');

                if (sizeof($config) == 0)
                {
                        if (file_exists(CWD. 'XXXXX'))
                        {
                                // config.php exists, but does not define $config
                                die('<br /><br /><strong>Configuration</strong>: includes/config.php exists, but is not in the 3.6+ format. Please convert your config file via the new config.php.new.');
                        }
                        else
                        {
                                die('<br /><br /><strong>Configuration</strong>: includes/config.php does not exist. Please fill out the data in config.php.new and rename it to config.php');
                        }
                }

Where XXXXX is the relative path to your new config file.It can be, for instance:
admincp/mynewconfig.php or includes/configuration.php .

~Modification screenshots
None


~Modification changelog
  • 1.0.0 - First Release


~Modification copyright
This may not be distributed,released or claimed as your work without author's permission.

Ziki 12-14-2008 12:46 PM

~Reserved~

Dr.LoVe 12-14-2008 10:34 PM

i don't understand :S

rob01 12-14-2008 11:30 PM

wow nice work!

this mod is simple -> it will let you change/rename your config file

but if they read this file.. they will find out...

so whats the point?

just asking

steven s 12-14-2008 11:41 PM

Which means each time you upgrade you will need to edit includes/class_core.php before uploading.

linhhon2003 12-15-2008 12:47 AM

If Hacker read files class_core will know the path of the new config files???

Barakat 12-15-2008 07:11 AM

very usefull . thanks

Ziki 12-15-2008 11:53 AM

Quote:

Originally Posted by rob01 (Post 1685534)
wow nice work!

this mod is simple -> it will let you change/rename your config file




but if they read this file.. they will find out...

so whats the point?

just asking

You can select your own unique name and directory.And hackers usually ignore the class_core.php and it's harder to read that one,because it contains lots of functions and code,wheras the config.php has only comments and a couple of variables which can be called easily.

Golzarion 12-17-2008 12:20 PM

I was thinking about encryption of "config.php" codes ... and suddenly I see this mode ...

When the Server has a weak security there is no solution !
but using this mode + encryption can protect your site more . And will make things too hard for hackers.

Thanks Ziki to share your idea . *

mitch84 12-17-2008 01:07 PM

nice, thank


All times are GMT. The time now is 09:18 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01119 seconds
  • Memory Usage 1,743KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_code_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete