Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
Reload this Page Website Firewall
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 09-03-2015, 09:42 AM
chikuru chikuru is offline
 
Join Date: Nov 2011
Posts: 228
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Website Firewall
Anyone using Website Application Firewall?
What are you using? Hows your experience?
What do you recommend?
Reply With Quote
  #2  
Old 09-03-2015, 12:06 PM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
What kind of firewall are we talking about?
To prevent bots? To prevent website attacks such as SQL injection and such? To prevent (D)DoS attacks?

I don't use any because I have made my own very basic filtering function in PHP for vBulletin that should prevent any 0day attacks. (D)DoS attacks can not be prevented with a WAF. But besides that there's always some way to bypass a WAF because it simply checks the request sent to the server for certain patterns or strings.

Cloudflare and Incapsula are good examples of DNS providers who also provide WAF and DDoS protection.
Reply With Quote
  #3  
Old 09-03-2015, 12:33 PM
chikuru chikuru is offline
 
Join Date: Nov 2011
Posts: 228
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Specifically sql injection, xss, and 0day attacks. Im currently using the free version of cloudflare
Reply With Quote
  #4  
Old 09-03-2015, 04:39 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
  
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Incapsula is good, I've been stopped dead in my tracks by it and I wasn't even trying anything dirty, I swear!

Always a good idea to check with your host, some offer very solid advice on matters such as this including what they can offer/do as I bet its not their first ddos rodeo .
Reply With Quote
  #5  
Old 09-03-2015, 07:14 PM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by chikuru View Post
Specifically sql injection, xss, and 0day attacks. Im currently using the free version of cloudflare
The free version does not provide any WAF though, you'll have to buy one of the packages of which the cheapest one is $20/month. I recommend either Cloudflare or Incapsula.
Reply With Quote
  #6  
Old 09-07-2015, 05:43 PM
bremereric's Avatar
bremereric bremereric is offline
 
Join Date: Aug 2011
Location: Tomball Texas
Posts: 203
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Not free, but I use a cloud proxy firewall from Sucuri. Had several hacks two weeks ago through the loophole in vb 4.1.3
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 08:52 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04118 seconds
  • Memory Usage 2,207KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (6)post_thanks_box
  • (6)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (6)post_thanks_postbit_info
  • (6)postbit
  • (6)postbit_onlinestatus
  • (6)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete