vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Modification Requests/Questions (Unpaid) (https://vborg.vbsupport.ru/forumdisplay.php?f=112)
-   -   Security System fo VB (https://vborg.vbsupport.ru/showthread.php?t=76765)

Remi 02-21-2005 02:51 PM
Security System fo VB
 
The idea is very simple yet very effective.

If there was a kind of filter that does:

1- prevent the direct request of files that should never be requested like "config.php"
2- Filter all "url request" from commen words and characters used for sql injections.
3- Filter the "POST Method" from words that usually used in xxs vulnerability.

If we can have such system, "I think" we can prevent 99.9% of known and unknown vulnerabilities.

Thanks

Colin F 02-22-2005 01:29 PM
Hmmmm... not a bad idea.

One would have to define which words are "commonly used for vulnerabilities" though.

I suggest you post at vbulletin.com, maybe the developers can give some feedback about how easy this would be to implement, as well as how useful it would be.


All times are GMT. The time now is 03:44 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00890 seconds
  • Memory Usage 1,699KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (2)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete