Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
  #1  
Old 02-10-2009, 08:52 AM
Alexey? Alexey? is offline
 
Join Date: Oct 2008
Location: ISRAEL
Posts: 339
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default i need some security mods or scripts

hey all.
i need some firewall scripts or mods do defence my vbullen.
i already used vBfirewall and i didnt like it.

do you have some other scripts?
mybi even for php or something else.
Reply With Quote
  #2  
Old 02-10-2009, 10:28 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What do you need to defend your board against?
Reply With Quote
  #3  
Old 02-10-2009, 10:36 AM
Alexey? Alexey? is offline
 
Join Date: Oct 2008
Location: ISRAEL
Posts: 339
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i want to defenD against sql inj

my vb version is 3.8.0
Reply With Quote
  #4  
Old 02-10-2009, 10:52 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Use the latest stable version of vB without modifications and you should not have a problem with SQL injections. You can only suffer from this if you are using insecure modifications.
Reply With Quote
  #5  
Old 02-10-2009, 01:04 PM
tafreeh tafreeh is offline
 
Join Date: May 2008
Location: Canada
Posts: 536
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

all the modifications from vb.org have been tested by someone ? if not then where do we get secure modification as u said above..
Reply With Quote
  #6  
Old 02-10-2009, 01:08 PM
Brandon Sheley's Avatar
Brandon Sheley Brandon Sheley is offline
 
Join Date: Mar 2005
Location: Google Kansas
Posts: 4,678
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by tafreeh View Post
all the modifications from vb.org have been tested by someone ? if not then where do we get secure modification as u said above..
Marco said to use the latest version of vBulletin (vbulletin.com)

all the mods here are NOT tested, they are made from those wanting to share their mods

If you want the most secure board, than update and don't use any mods
Reply With Quote
  #7  
Old 02-10-2009, 01:12 PM
Alexey? Alexey? is offline
 
Join Date: Oct 2008
Location: ISRAEL
Posts: 339
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Loco.M View Post
Marco said to use the latest version of vBulletin (vbulletin.com)

all the mods here are NOT tested, they are made from those wanting to share their mods

If you want the most secure board, than update and don't use any mods
all the mods i had i delete e left only 2-3.
and i will upgrade to 3.8.1 like all of you said here
Reply With Quote
  #8  
Old 02-10-2009, 01:26 PM
vbplusme vbplusme is offline
 
Join Date: Sep 2008
Location: CyberSpace
Posts: 332
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Most of the MODs that are here are "as-is" and at your own risk as far as I know. The ones that you need to be really critical of are the ones that accept user input. They represent the most risk if they are not filtering and sanitizing user input which may be most of them that collect user data. Forms are most often the vehicles for sql injections but not always. They can be passed through the browser as well. You should be really concerned with mods that request data in any event. BTW, I have been running 3.8.1 since the day it was released and it was upgraded from 3.7.5 with no problems and only minor custom style changes, fyi.

HTH
Reply With Quote
  #9  
Old 02-10-2009, 02:19 PM
tafreeh tafreeh is offline
 
Join Date: May 2008
Location: Canada
Posts: 536
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

so it means.. mod from vb.org are not really secure.. it just like downloading it from vb.org or any other warez forum.... there is no difference....hmm interesting....
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:07 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05406 seconds
  • Memory Usage 2,228KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (9)post_thanks_box
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (9)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete