vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   Securing vBulletin Question (https://vborg.vbsupport.ru/showthread.php?t=326573)

COOLORANGEFREEZ 07-14-2018 03:11 AM
Securing vBulletin Question
 
Looking into securing the vBulletin as much as possible and one of the things to do (recommended) was:

1.) Make sure the getadmin.php file is nowhere on the website.

What does this mean, where to find it and what to do to secure this?

Thanks for your knowledge

Dave 07-14-2018 12:42 PM
Bit of a vague recommendation but they tell you to make sure that no such file exists in the root of your website. For example if your site is example.com, it should not exist at example.com/getadmin.php.

COOLORANGEFREEZ 07-14-2018 08:40 PM
I typed in the front page and the actual forum as well and added /getadmin.php to both and came up with 404 errors. That seems like a good thing.

I didn't do any changes to the getadmin.php though so still not sure that aspect is secure.

I will have to learn about this more.

I'm assuming someone could somehow exploit this and take over the admin control of the forum?

Thanks for your help.

Dave 07-14-2018 09:12 PM
Apparently "getadmin.php" is a script to set a specific username to the administrator usergroup. But I think it's very old since it does not exist in the latest vBulletin 3 installation files.

I don't think you have to worry about it.

COOLORANGEFREEZ 07-15-2018 01:32 AM
Thanks for that information. I'm moving on to create passwords for directories.

socialteenz 07-15-2018 04:33 AM
Quote:
Originally Posted by COOLORANGEFREEZ (Post 2595582)
Thanks for that information. I'm moving on to create passwords for directories.
Only the admincp and modcp should be password protected not all of them.

COOLORANGEFREEZ 07-16-2018 12:45 PM
Thanks for that. Will complete in that way.


All times are GMT. The time now is 02:31 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01198 seconds
  • Memory Usage 1,720KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (7)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete