vBFirewall v1.0

This is my first mod for vBulletin and I have tried to make it as better as I could.

Click Install If You Use it!!

What is vBFirewall?
Its a PHP script which blocks all kinds of attacks on your vBulletin Forum! Like: URL Poisoning, Remote File Inclusion, SQL Injection, XSS and other kinds of attacks.

I have tested each and every function of this mod before releasing it and have used it myself for 1 month

It has a attacker logger, which logs the IP and many details of the attacker so that you can reach him

This is still in beta version and I will add more features in it to make your vBulletin more secure Suggestions are always welcome.


How to install?

1) Go to Admin and Import the xml file product-firewall_vb_rs.xml using the plugin manager.
2) Keep an eye on the log file which can be found here: www.yourvbforumurl.com/logfile_worms.txt (This file will only be created when a attack occour)
3) Your website is now secure from hackers



Thanks

[Kai77]

Does it also recognizes dos attacks?
If someone is hitting refresh button to fast and to often?

[ShadowStalker]

Quote:

Originally Posted by Biker_GA

Are you sure?

The problem I see with this plugin is it does NOT differentiate between valid requests from the membership and real attempts to hijack the board. It reminds me a little bit of the early versions of Zone Alarm that popped an "Oh My Lord" message every time a packet hit the PC. The uninformed would then panic and scream bloody blue murder that someone was trying to attack their PC, when in fact, all it that happened was a query packet was received from the DNS.

Until this plugin can tell what's valid and what isn't, people should not put much faith in what it reports as an attack.

This guy knows what he is talking about.

[wo0kie]

+1

Created more harm than good, although a somewhat good idea nonetheless.

[accludetuner]

Once you figure out all the legitimate things that are getting blocked and add exceptions for them, it runs flawlessly in the background blocking anything that isn't legit or that's malformed. Whether it's an official hacking attempt or not, it blocks things that could possibly cause damage or waste your servers resources. That's enough reason right there to install this mod, get it set up properly and let it do its job while you focus on other things. Don't listen to the nay-sayers. Yes, it takes a little time getting it set up but once it's set up it's good to go and well worth the install/configuration. Excellent mod... nominated

[Orakk]

Quote:

Originally Posted by accludetuner

Thank you for that work around. Here's the list of everything in my array that got the subscription/unsubscribe features to work properly. It took all of them for it work properly:

Code:

$securityexclusions = array(
	'do=viewsubscription','do=removesubscription', 'do=addsubscription', 'do=doaddsubscription'
);

Awesome mod!!!

Plus MrEyes additions this is working on 383 with no issues.

Thankyou. :up:

[Wheemer]

This mod keeps bumping heads with a googlebot on my site. Is this googlebot really trying to hack? Or is this mod just overly sensitive.

I wish it had more options.

[deepak7]

This plugin stopped thread subscription working

[James Birkett]

I think if you all work together and help each other with the arrays for the exceptions, then this mod would very easily be a nice use.
I am interested in this modification, and I will download and read through the code before installing.

[ahmer]

thanks Installed

[Rideharder]

VbGarage 3.5
Let Your Members Show Off Their Rides !!!

https://vborg.vbsupport.ru/showthread.php?p=1109494

Firewalls blocking pop-up image on this mod

Anybody know any fixes around this it blocks a pop-up on the image..