Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
vBFirewall v1.0 Details »»
vBFirewall v1.0
Version: 1.00, by invisiblea invisiblea is offline
Developer Last Online: Dec 2008 Show Printable Version Email this Page

Version: 3.8.0 Beta 2 Rating:
Released: 11-19-2008 Last Update: Never Installs: 682
Uses Plugins Auto-Templates
Is in Beta Stage  
No support by the author.

This is my first mod for vBulletin and I have tried to make it as better as I could.



What is vBFirewall?
Its a PHP script which blocks all kinds of attacks on your vBulletin Forum! Like: URL Poisoning, Remote File Inclusion, SQL Injection, XSS and other kinds of attacks.

I have tested each and every function of this mod before releasing it and have used it myself for 1 month

It has a attacker logger, which logs the IP and many details of the attacker so that you can reach him

This is still in beta version and I will add more features in it to make your vBulletin more secure Suggestions are always welcome.


How to install?

1) Go to Admin and Import the xml file product-firewall_vb_rs.xml using the plugin manager.
2) Keep an eye on the log file which can be found here: www.yourvbforumurl.com/logfile_worms.txt (This file will only be created when a attack occour)
3) Your website is now secure from hackers



Thanks

Download Now

File Type: zip vBFirewall.zip (3.6 KB, 3545 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Благодарность от:
Naijasite

Comments
  #22  
Old 11-20-2008, 10:38 PM
invisiblea invisiblea is offline
 
Join Date: Feb 2008
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by 7lanet View Post
My path of the Forum www.7lanet.com/vb
Do I make file logfile_worms.txt in the folder of (vb)
Do give file logfile_worms.txt the license logfile_worms.txt 666
When a attack occours it will be created itself.

Quote:
Originally Posted by Koidl View Post
works for 3.7 too ?
All Versions

Quote:
Originally Posted by tiekie View Post
sound very good ... does it work on 3.6.8?
Yes, all versions

Quote:
Originally Posted by dtv100 View Post
does this work with 3.7?
will this slow down server or forum?
Yes, and it doesnt slow down the forum
Reply With Quote
  #23  
Old 11-20-2008, 10:43 PM
dtv100 dtv100 is offline
 
Join Date: Apr 2007
Location: in the south of the north
Posts: 307
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

OK i get a error when click to check subscriptions:


Code:
1||1227227664||xx.xx.xxx.xx||do=find&subscriptionid=5&status=1||http://www.mydomain.com/forums/admincp/subscriptions.php?do=modify||Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)
Reply With Quote
  #24  
Old 11-20-2008, 11:05 PM
invisiblea invisiblea is offline
 
Join Date: Feb 2008
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by dtv100 View Post
OK i get a error when click to check subscriptions:


Code:
1||1227227664||xx.xx.xxx.xx||do=find&subscriptionid=5&status=1||http://www.mydomain.com/forums/admincp/subscriptions.php?do=modify||Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)
PM me the plugin you are using, I will check it out
Reply With Quote
  #25  
Old 11-20-2008, 11:20 PM
ebk ebk is offline
 
Join Date: Feb 2006
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Check subscriptions errors for me as well.
Reply With Quote
  #26  
Old 11-20-2008, 11:20 PM
edermix edermix is offline
 
Join Date: Aug 2008
Posts: 87
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I do not understand what this log to say, please help me to understand it:

Quote:
1||1227218866||189.110.83.180||do=viewsubscription ||http://www.xxxxxxxx.net/profile.php?...c||Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.9.0.4) Gecko/2008102920 Firefox/2.0.0.14;MEGAUPLOAD 1.0

1||1227218871||189.110.83.180||do=viewsubscription &daysprune=-1&folderid=all||http://www.xxxxxxxx.net/profile.php?...c||Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.9.0.4) Gecko/2008102920 Firefox/2.0.0.14;MEGAUPLOAD 1.0
Reply With Quote
  #27  
Old 11-21-2008, 12:23 AM
Barakat's Avatar
Barakat Barakat is offline
 
Join Date: Nov 2004
Location: Jerusalem
Posts: 571
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i tried that hack and support it , in the past ,,,,,,,,,,

https://vborg.vbsupport.ru/showthread.php?t=110030


P.S Befor secureing your Vbulletin you need to know on What SErVer you are running your fourm or scripts ,

coz what ever your old vbulletin where haveing some security holes ,,,, the server security will prevent all the attempt what ever it was .,
Reply With Quote
  #28  
Old 11-21-2008, 01:16 AM
mikesz mikesz is offline
 
Join Date: Jan 2006
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

So this hack just filters query input through an array of known hacker attacks phrases. How can you be sure your array is complete or that "attack" isn't a legitimate request? I don't see any checks, just a blanket replace ?
Reply With Quote
  #29  
Old 11-21-2008, 05:00 AM
RvG2 RvG2 is offline
 
Join Date: Jan 2007
Posts: 457
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vbulletin might not need this but I need this in my other mods which may or might be attacked by hackers
Reply With Quote
  #30  
Old 11-21-2008, 07:43 AM
Josh1 Josh1 is offline
 
Join Date: Mar 2006
Posts: 68
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nominated for MOTM.
Reply With Quote
  #31  
Old 11-21-2008, 08:24 AM
rainyleaves rainyleaves is offline
 
Join Date: Mar 2004
Posts: 227
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks,
Do I need change CHMOD 777 of Root Directory?
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:37 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06516 seconds
  • Memory Usage 2,337KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (1)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (1)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete