The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
vBFirewall v1.0 Details »» | |||||||||||||||||||||||||||
This is my first mod for vBulletin and I have tried to make it as better as I could.
What is vBFirewall? Its a PHP script which blocks all kinds of attacks on your vBulletin Forum! Like: URL Poisoning, Remote File Inclusion, SQL Injection, XSS and other kinds of attacks. I have tested each and every function of this mod before releasing it and have used it myself for 1 month It has a attacker logger, which logs the IP and many details of the attacker so that you can reach him This is still in beta version and I will add more features in it to make your vBulletin more secure Suggestions are always welcome. How to install? 1) Go to Admin and Import the xml file product-firewall_vb_rs.xml using the plugin manager. 2) Keep an eye on the log file which can be found here: www.yourvbforumurl.com/logfile_worms.txt (This file will only be created when a attack occour) 3) Your website is now secure from hackers Thanks Download Now
Show Your Support
|
Благодарность от: | ||
Naijasite |
Comments |
#32
|
|||
|
|||
I have also the mistake with the subscriptions... please correct it !
Mark as installed |
#33
|
|||
|
|||
I also get an Error when I will open a Thread which I had looking for...
Sorry but I deinstall it ! unuseable ! |
#34
|
|||
|
|||
In the next release these problems will be solved.
|
#35
|
|||
|
|||
Thanks I will install on my test forum
|
#36
|
|||
|
|||
looks good. nominated
|
#37
|
|||
|
|||
Ownage! Thanks mate
This deserves a Exelent rating and a MOTM Nomination I'm so scared of being hacked |
#38
|
||||
|
||||
Wow this is a great mod for vBulletin my defense manager will be very please with this addition. Will begin testing immediately with my defense manager.
Thanks and nominated for MOTM |
#39
|
||||
|
||||
Any ETA on the next release invisiblea?
|
#40
|
|||
|
|||
Good mod, fantastic idea, however the subscription issue is something of a show stopper. So I decided to look into it.
The reason the "firewall" kicks in on the subscription page is that one of the security rules is 'script', and quiet rightly so. However due to the checking method used, the firewall kicks in when it sees: do=viewsubscription Notice the bold/underlined part The good news is that this can be resolved, but it is a hack to the mod. The following instructions explain what needs to be done, if you want to implement it then I strongly recommend first testing it on an test server. Hopefully this will help the mod dev makes this mod one of the best available here: Right, you need to goto: ACP -> Plugins & Products -> Plugin Manager Once there look for the entries for "Product : vBFirewall", this should only have one plugin called 'vBFirewall' which uses the 'init_startup' plugin. Click edit Copy all the text in 'Plugin PHP Code' into notepad. Now follow these steps:
Once done, copy all the edited text in notepad back into the 'Plugin PHP Code' in ACP, then click save What this is actually doing is creating an extendible security rule exclusion list, so if any other VB queries string invoke the vbFirewall you can add another exclusion. IMPORTANT : I have only run this on a basic test server I have, do not try this unless you are absolutely comfortable with plugins/php etc. A here are some suggestions for the next version:
One other teeny weeny little thing, you need to mention that this is based on the GPL licensed code found here : http://www.cback.de/cback_software/standalonect.php EDIT: Later in this thread I have posted an additional fix for vbAnonymizer users |
#41
|
||||
|
||||
Those suggestions are great especially the auto ban and the view in the admin panel. Hope he adds them and checks those exceptions out.
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|