Add-On Releases - DnP Firewall : SEO Friendly Double-Protection Layers against Flood / DoS / Spam Bots

DnP Firewall Gateway Demo

*To test Front-End Layer protection : It's the page shows up when you first enter the site.
*To test 2nd Layer Protection : Pass Front-End Layer protection, then Tap (not hold) F5 continuously nonstop for 10 seconds.

DnP Firewall Gateway was designed to stand against the massive DoS attack targeted DnP Network? few years ago. Upon installed, it has been reducing the severe level of many incidents and preventing my forum from being overload ever since. It also nearly blocks away all the automated bots that come to register for spamming on the forum. The last release was almost 3 years ago and there had never been any update to the MOD. Version 0.3 came with many issues though it was very stable. I decide to give another upgrade and simplify the code a little for another release. Don't hesitate to install DnP Firewall Gateway for your forum and hope you will find it as useful as I do.

*This Firewall is compatible with All PHP Forum systems and Search Engines Friendly*

1 - Use this simple Firewall to protect your ( vBulletin / phpBB / SMF / IPB / etc.. ) forum

1. Deny unwanted Bots
2. Reduce Spamming
3. Block Flooding Attack
4. Partially weaken DoS
5. Prevent automated malicious scripts pass through

2 - Side features

1. Increase your Adsense Impression and Revenue.
2. Act as an Introduction page for your forum.
3. SEO Friendly. (DnP Network has this firewall installed for more than 2 years. Google Search : silveryhat returns 29,000+ results)
4. No query executed / Extremely fast

3 - Installation for vBulletin Forum

a. Upload all files from package to your forum_root
b. Open global.php using Notepad. (Why global.php ? Because global.php is the core file of vBulletin system , it is also the initial startup file that calls important database queries and keeps sensitive information. The Firewall comes before any of the processes run to prevent direct damage to the forum. That is the reason why DnP Firewall does not use any hook or come as an automatic plugin like other MOD)

Find

PHP Code:

// identify where we are
define('VB_AREA', 'Forum'); 


Add BEFORE

PHP Code:

if(file_exists('dnp_fw.php')){require_once('dnp_fw.php');} 


Simply remove this line to deactivate the firewall

c. Save and Reupload global.php to your server. Done!

3b - Upgrade
Simply perform step

Quote:

a.Upload all files from package to your forum_root

*If you have custom layout, do not overwrite dnp_fw_template.php*

4 - Note

Eventhough the DnP Firewall Gateway could reduce the damage of a flooding attack, it does not guarantee that all of the negative affects of an attack could be avoided. I do not hold any responsibility for such matters. As an administrator you should know that there is not software firewall that could be as effective as a hardware firewall.

You are free and encouraged to modify the Layout of the Gateway page in dnp_fw_template.php but please respect the copyrights notice of the author. Additional templates are also available if you'd want different look. (How to change DnP Firewall Template)

Free layouts for DnP Firewall Gateway at Firewall Templates

DnP Firewall Gateway also acts as an Introduction page for your forum if you fill it up with rich information content of your site. Adsense or other Ads could be placed here to maximize your revenue since every visitor will need to pass by this Introduction page. It almost 100% guarantees that your CTR or Page Impression will raise quickly.

5 - Compability

This MOD can be used with almost any system that runs PHP. Compatible with all vBulletin forum from 3.0.x to 3.8.x

It should not conflict with any existing MODs on your forum.

DnP Firewall Gateway consumes very little server resource because on the surface, it is just a simpe webpage. It does not execute any query, therefore your database will not be affected under any circumstances by this MOD.

DnP Firewall Gateway could together be used with InV-Firewall Script to act as doubled-firewall system that 2 x the strength against Flood /DoS Attack with bonus of denying malicious query and tracking access.

DnP Firewall Gateway is also compatible with DnP Instant! AJAX/SEO Musicbox & News smart anti-flood protection that brings extra power to the firewall. The 3 firewalls, DnP Firewall Gateway - InV-Firewall Script and Smart Anti-Flood from DnP Instant! AJAX/SEO Musicbox & News can be used altogether to triple the strength.

6 - History Log

v1.4

1. Optimize firewall structure
2. Optimize 2nd-layer protection

v1.3

1. Add 2nd layer protection
2. 3 more options for 2nd layer protection in config file

v1.2 Beta

1. Improve Firewall Stability
2. Add Domain option
3. Separate config file

7 - Useful links

1. Setup Domain List for DnP Firewall Gateway
2. How to change DnP Firewall Template
3. What are the Search Engines allowed by DnP Firewall Gateway ?
4. Branding-Free License of DnP Firewall Gateway
5. Detail information about DnP Firewall 2nd Layer Protection
6. Templates collection

[Original topic can be found at http://www.silveryhat.com/delynie/f142/dnp-firewall-help-your-forum-fight-flood-attack-dos-spam-unwated-bots-6985.html]

[big219]

Thank you for this awesome mod, hopefully it does the job
it is suppose to do. Keep up the great work silveryhat!!

Regards,
Kev

[silveryhat]

Quote:

Originally Posted by need2fart

I am unsure about installing this mod. Recently I've been receiving DDoS attacks, about 300 zombies were flooding my forum with a UDP flood... Will this help me lol? I get flooded by medium attacks like 300-500 zombies. =\

Will this have any effect or save my forum? I hate having my host banning all the IP's and I soon find out half my members were infected with botnets. This has all been fixed but, still I'm bracing for another DDoS attack soon.

On a scale of about 1-10

If I got DDoSed by about 100 zombies, would my forum still load with this hack?
Normally if I get attacked by 100 zombies I do lose connection to the server -

Thanks man I've been looking for a good firewall for preventing DDoS. I'm sad hostgator doesn't offer ddos hardware protection.

On the situation of 100+ bots , the firewall could reduce the attack 20-80% theoretically, depend on what technique it uses and what type of flooding it is, xFlash or IMCP flooding etc...

As the matter of fact, you should also deny these ips or the the ones cause the most requests during the flood occurrence , then remove the list after it has gone.

Quote:

Originally Posted by jchamber2010

How hard it to change your Useragent? I know that in firefox it is really quite easy to do using About:Config, same with seamonkey. This wouldn't offer protection at all if the DDoSer knew about it.

It still has two layer of protections even if user-agent is fake. You can give it a try

Quote:

Originally Posted by big219

Thank you for this awesome mod, hopefully it does the job
it is suppose to do. Keep up the great work silveryhat!!

Regards,
Kev

I'm developing a newer version based on a new bounce back technique, still waiting for feedback from my professors though.

[James Birkett]

My apologies if this is already answered but i'm short for time at the minute:

Does it log IP addresses of potential DDoS attempts?

[jchamber2010]

Quote:

Originally Posted by silveryhat

...t still has two layer of protections even if user-agent is fake. You can give it a try ...

I can make your website think my browser is the Google Bot, so it's either going to let me in, and believe that I'm the googlebot OR it's going to be blocking the real googlebot

[Dr.LoVe]

Parse error: syntax error, unexpected ':', expecting ')' in /home/xxx/public_html/vb/dnp_fw_config.php on line 29

??

[silveryhat]

Quote:

Originally Posted by James Birkett

My apologies if this is already answered but i'm short for time at the minute:

Does it log IP addresses of potential DDoS attempts?

This is my respond to a similar concern

Quote:

It was one of my concern when I first start coding the mod. I believe generating logs during an attack will consume alot of server resource and I want the minimize the amount of damage to the forum so log feature has been removed.

Quote:

Originally Posted by jchamber2010

I can make your website think my browser is the Google Bot, so it's either going to let me in, and believe that I'm the googlebot OR it's going to be blocking the real googlebot

The two other protection is the 2nd layer protection and cookie check , too many requests will disable the session no matter if the visitor is bot agent or not.

Quote:

Originally Posted by Dr.LoVe

Parse error: syntax error, unexpected ':', expecting ')' in /home/xxx/public_html/vb/dnp_fw_config.php on line 29

??

You have done some misconfiguration. Try to use the original file or post the content of your dnp_fw_config.php and I'll check for you.

[Dr.LoVe]

i didn't do anything just add my website link look here

Code:

<?
//List of Search Engine Agents
$UserAgent = array(
	'Googlebot',
	'msnbot',
	'slurp',
	'fast-webcrawler',
	'Googlebot-Image',
	'teomaagent1',
	'directhit',
	'lycos',
	'ia_archiver',
	'gigabot',
	'whatuseek',
	'Teoma',
	'scooter',
	'Ask Jeeves',
	'slurp@inktomi',
	'gzip(gfe) (via translate.google.com)',
	'Mediapartners-Google',
	'crawler@alexa.com'
);

//Your forum *domain only*
//Define domain with and without www
//Do not add trail at the end
//Example : 'google.com' , 'www.google.com'
$Forum_domain = array(
	‘http://xxxx.com’,
	‘http://www.xxxxx.com’,

);

//2nd Layer Flood Protection enable ?
//1 to enable , 2 to disable
$config['dnp_firewall_2nd_layer'] = 1 ;

//Amount of time in second to show restrict message if a Flooding attack is determined
$config['dnp_firewall_wait_time'] = 10 ;

//Amount of penalty to be considered a Flooding attack. 
//Every time multiple requests sent to the forum in less than few a second, penalty count increased by 1.
$config['dnp_firewall_penalty_allow'] = 6;
?>

And another thing if you don't mind could you tell me when should i upload those files ?
( public_html or vb file )??

thanx

[silveryhat]

Quote:

Originally Posted by Dr.LoVe

i didn't do anything just add my website link look here

And another thing if you don't mind could you tell me when should i upload those files ?
( public_html or vb file )??

thanx

It's nothing much wrong, only that you have to use the right single quotes . Here is the fix :

PHP Code:

<?
//List of Search Engine Agents
$UserAgent = array(
    'Googlebot',
    'msnbot',
    'slurp',
    'fast-webcrawler',
    'Googlebot-Image',
    'teomaagent1',
    'directhit',
    'lycos',
    'ia_archiver',
    'gigabot',
    'whatuseek',
    'Teoma',
    'scooter',
    'Ask Jeeves',
    'slurp@inktomi',
    'gzip(gfe) (via translate.google.com)',
    'Mediapartners-Google',
    'crawler@alexa.com'
);

//Your forum *domain only*
//Define domain with and without www
//Do not add trail at the end
//Example : 'google.com' , 'www.google.com'
$Forum_domain = array(
    'http://xxxx.com',
    'http://www.xxxxx.com',

);

//2nd Layer Flood Protection enable ?
//1 to enable , 2 to disable
$config['dnp_firewall_2nd_layer'] = 1 ;

//Amount of time in second to show restrict message if a Flooding attack is determined
$config['dnp_firewall_wait_time'] = 10 ;

//Amount of penalty to be considered a Flooding attack. 
//Every time multiple requests sent to the forum in less than few a second, penalty count increased by 1.
$config['dnp_firewall_penalty_allow'] = 6;
?>

[vnairp11]

excellent mod nominated thanks

[JasonGD]

Back with a little update, it's been about 3 weeks since installing, and I've had absolutely no spammers! That's definitely a nice change from the 1 a day I was getting beforehand.

This thing rocks!