Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
vBFirewall v1.0 Details »»
vBFirewall v1.0
Version: 1.00, by invisiblea invisiblea is offline
Developer Last Online: Dec 2008 Show Printable Version Email this Page

Version: 3.8.0 Beta 2 Rating:
Released: 11-19-2008 Last Update: Never Installs: 682
Uses Plugins Auto-Templates
Is in Beta Stage  
No support by the author.

This is my first mod for vBulletin and I have tried to make it as better as I could.



What is vBFirewall?
Its a PHP script which blocks all kinds of attacks on your vBulletin Forum! Like: URL Poisoning, Remote File Inclusion, SQL Injection, XSS and other kinds of attacks.

I have tested each and every function of this mod before releasing it and have used it myself for 1 month

It has a attacker logger, which logs the IP and many details of the attacker so that you can reach him

This is still in beta version and I will add more features in it to make your vBulletin more secure Suggestions are always welcome.


How to install?

1) Go to Admin and Import the xml file product-firewall_vb_rs.xml using the plugin manager.
2) Keep an eye on the log file which can be found here: www.yourvbforumurl.com/logfile_worms.txt (This file will only be created when a attack occour)
3) Your website is now secure from hackers



Thanks

Download Now

File Type: zip vBFirewall.zip (3.6 KB, 3545 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Благодарность от:
Naijasite

Comments
  #232  
Old 09-03-2009, 02:12 PM
Itchy Nips's Avatar
Itchy Nips Itchy Nips is offline
 
Join Date: Jun 2009
Posts: 131
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

just an update for others thinking about installing this:
vb3.8.3 - users cannot access their subscriptions page. this mod blocks their attempt and thinks its a hack attempt

disabled for now
Reply With Quote
  #233  
Old 09-03-2009, 02:15 PM
RvG2 RvG2 is offline
 
Join Date: Jan 2007
Posts: 457
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Itchy Nips View Post
just an update for others thinking about installing this:
vb3.8.3 - users cannot access their subscriptions page. this mod blocks their attempt and thinks its a hack attempt

disabled for now
a solution is given on previous pages.
Reply With Quote
  #234  
Old 09-03-2009, 02:15 PM
Itchy Nips's Avatar
Itchy Nips Itchy Nips is offline
 
Join Date: Jun 2009
Posts: 131
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

thanks. i wasnt aware of that
Reply With Quote
  #235  
Old 09-03-2009, 06:30 PM
RvG2 RvG2 is offline
 
Join Date: Jan 2007
Posts: 457
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Itchy Nips View Post
it just prevented me from viewing the control panel log in the admincp. When I click on:

ADMINCP > USERGROUPS > ADMINISTRATOR PERMISSIONS > VIEW CONTROL PANEL LOG

it displays an error and emails me that a hack attempt was just made.
find:

'st=-', 'cat%20', 'include', '_path=');

add below:

$securityexclusions = array(
'do=viewsubscription','do=removesubscription', 'do=addsubscription', 'do=doaddsubscription', 'do=view&script'
);

in addition to the fix for subscription.
Reply With Quote
  #236  
Old 09-04-2009, 07:27 PM
d0cpaul's Avatar
d0cpaul d0cpaul is offline
 
Join Date: Aug 2009
Posts: 32
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How do I know what kind of attack I am getting? Here is an attack I received a couple times today.

Code:
1||1252094560||192.138.214.106||do=viewsubscription||http://www.loansafe.org/forum/usercp.php||Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12) Gecko/20080219 Firefox/2.0.0.12 Navigator/9.0.0.6
Reply With Quote
  #237  
Old 09-11-2009, 07:25 AM
iEdster iEdster is offline
 
Join Date: Aug 2009
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How can I remove it? I removed it via Product page, it still gives me hack attempts sent to my email. I wanna remove it completely, because it conflicts with other plugins, and gives me errors.
Reply With Quote
  #238  
Old 09-13-2009, 01:52 PM
badheeu badheeu is offline
 
Join Date: Oct 2007
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hello!

Hack Attempt has been successfully prevented for your vBulletin forums at:
KMA? Warez Forums

Report:
============================

1||1252849941||115.84.147.15||do=viewsubscription& folderid=all||http://www.kma-forum.com/usercp.php||Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/530.5 (KHTML, like Gecko) Chrome/2.0.172.43 Safari/530.5

============================

but no report logs created
Reply With Quote
  #239  
Old 09-15-2009, 11:49 PM
solarhosts solarhosts is offline
 
Join Date: Sep 2009
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

sweet thanks.
Reply With Quote
  #240  
Old 09-28-2009, 05:30 AM
foroalfaromeo foroalfaromeo is offline
 
Join Date: Feb 2009
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I've installed it, but it had no effect in my forum what so ever.
What parameters does it work on?

I only see a Menu that tuns log & notifications on or off.
Reply With Quote
  #241  
Old 10-05-2009, 03:48 PM
Kolbi Kolbi is offline
 
Join Date: Mar 2009
Location: D - S?dbaden
Posts: 899
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There is an big bug. Users can´t unsubscribe from thread without getting blocked from the firewall.
Need to be fixed.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:32 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.15367 seconds
  • Memory Usage 2,334KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (1)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (1)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete