Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
[DBTech] vBSecurity v2 (vB4) Details »»
[DBTech] vBSecurity v2 (vB4)
Version: 3.3.0, by DragonByte Tech DragonByte Tech is offline
Developer Last Online: Mar 2023 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 4.x.x Rating:
Released: 12-30-2011 Last Update: 06-18-2018 Installs: 133
DB Changes Uses Plugins
Additional Files Translations  
No support by the author.

vBSecurity: What is it?
vBSecurity keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity.

Uses

vBSecurity is the ideal product for forums that are concerned about security, or wish to be alerted when something suspicious happens.
It keeps a watchful eye on your configuration file, ensuring that it does not get modified by mods or plugins.
Another important feature is the ability to add a secondary login, unique to each administrator, that is required before accessing the AdminCP. Ideal for forums where multiple administrators may share login information, or where administrators may log in from public computers.
Add in quick settings for the most vital vBulletin Options and Usergroup password settings, vBSecurity can easily be called one of the most comprehensive security suites for your vBulletin forum.

-------------------------------------------------------------------------------------------

If you like this mod please hit the button to the right ---->

Please remember to click the, button to the right if you installed the mod ---->

What does 'Marking As Installed' do ?

* It helps you to stay on top of updates - members who have installed modifications will be notified by us whenever new updates are available.

*
For security issues - vbulletin.org will contact all members who have installed a modification whenever a security issue is brought to their attention.

* Marking a modification as installed also helps us know how many people are using our work, giving us extra incentive to provide more features and new modifications.

We appreciate the support!
-------------------------------------------------------------------------------------------

Priority support & Product Demos available at: http://www.dragonbyte-tech.com

-------------------------------------------------------------------------------------------

Translations available @ our forum
Support for translations handled by the translator in its respective threads only.

-------------------------------------------------------------------------------------------

Major Features
Administrator Security: .htaccess-like logins for your administrators means that even if they use the same password on multiple sites, malicious users still need a fresh, unique password to log in.

Security Watchers: Keep an eye on the most important aspects of vBulletin: config.php tampering, AdminCP / User Account access attempts, vBulletin Options, User Data, Usergroup Settings and Usergroup Permissions.
Detailed changelogs available for each watcher dealing with changes.
IP Ban, User Ban, Email alerts and temporary forum closure options available for each watcher individually.

Lite
* Searchable list of all AdminCP access attempts
* Searchable list of all failed login attempts
* Searchable list of administrator changes for areas governed by the Security Watchers
* vBOption: IP Address whitelist for AdminCP access
* vBOption: Separate "Closed Reason" for closures that happened due to potential security breaches
* Quick setting page for the most important vBulletin Options security settings
* Quick setting page for the most important Usergroup security settings
* Security Watchers: General - config.php Variable Tampering, AdminCP Access Attempts
* Security Watchers: Logins - Failed Logons, Failed Mass Logons
* Security Watchers: vBOptions - vBulletin Active, Reason For Turning vBulletin Off, Banned Email Addresses, Banned IP Addresses, Use Login "Strikes" System, Whitelisted IP Addresses, Whitelisted IP Addresses - Exclude Super Administrators
* Security Watchers: User Data - User Name, Password, Email, Primary Usergroup, Additional Usergroups, Reputation Level, Warnings, Infractions, Infraction Points, Receive Admin Emails
* Security Watcher Actions: 2 thresholds with individual configuration options, IP Ban / User Ban / Email Webmaster / Close Forum options available for each Watcher option listed above. Some watcher options may not have all actions.

Pro
* Optional .htaccess-like login on a per-administrator basis
* Settings Snapshots - take a "snapshot" of how the vBulletin Options look at the time, instant restore by clicking Load on a previous snapshot
* Security Watchers: Usergroup - Password Expiry, Password History, every usergroup permission group, every "value" permission
* IP Guard: Administrator IP Address authorisation scheme (similar to Steam Guard) - Require email verification for new IP addresses to access the AdminCP, per-administrator disable

-------------------------------------------------------------------------------------------
This mod displays a copyright notification in the footer of all pages which includes:
  • 1 Link to DragonByte Technologies homepage
  • 1 Link to Product Description page of this modification

Download Now

File Type: zip [DBTech] vBSecurity 3.3.0 [Lite].zip (995.5 KB, 71 views)

Screenshots

File Type: jpg vbsec_adminpasswords.jpg (78.0 KB, 0 views)
File Type: jpg vbsec_recommendations.jpg (75.9 KB, 0 views)
File Type: jpg vbsec_watchergeneral.jpg (76.9 KB, 0 views)
File Type: jpg vbsec_watcherlogin.jpg (77.5 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
2 благодарности(ей) от:
highlander29, paulplater

Comments
  #92  
Old 03-24-2015, 06:34 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by 409industries View Post
Awesome mod. Purchased the pro version.

Wish i had found this a long time ago to enforce password complexity requirements during registration / password changes.

Support is awesome too, they listened to some of my suggestions regarding the mass password reset feature and got the changes implemented very quickly. :-)
Yes it is a very good mod I use many of their pro versions myself
Reply With Quote
  #93  
Old 03-30-2015, 05:51 PM
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Location: Scotland
Posts: 8,814
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vBSecurity v1.1.3

Changes to Existing Features:

Mass Password Reset
  • Now uses a more secure method of generating temporary passwords
  • Enables greater security for users, avoiding brute force attacks on their passwords before the passwords can be changed


Fillip
Reply With Quote
  #94  
Old 04-16-2015, 03:07 AM
GreyGhost's Avatar
GreyGhost GreyGhost is offline
 
Join Date: May 2011
Location: Bathurst, Australia
Posts: 37
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

EDIT: Answered on DBTech forums. ANSWERED HERE

I'm getting the following message when I try to change any vBSecurity settings in ACP.
----------
"Forbidden

You don't have permission to access /admincp/vbsecurity.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."
----------

vB 4.2.2 - vBSecurity v1.1.3

Fresh vB install with a hand full of members and forums/post imported from phpbb3

Only other mod installed is DBTech Copyright Management v2.1.1
Have now disabled both in Manage Products but am still unable to change any settings.

8-)

UPDATE: Just installed vBShout and I'm getting the same Forbidden message when I try to change the settings.
"Forbidden

You don't have permission to access /admincp/vbshout.php on this server."

So I uninstalled vBSecurity and deleted all the files but this hasn't fixed it.

All other vB settings changes work fine, it's only DBTech mods that produce the error.

I've looked for any .htaccess and there's none and checked file permissions which all DBTech .php files are set to 0644 where all other vB .php files on the server are 0600.

8-/
Reply With Quote
  #95  
Old 04-20-2015, 08:13 AM
woodmj woodmj is offline
 
Join Date: Sep 2013
Posts: 66
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

After ugrading to the latest version there seems to be a problem when a standard password change is effected. Please could you advise? The below error is displayed :

Database error in vBulletin 4.2.2:

Invalid SQL:
UPDATE user SET
salt =
passworddate =
password =
dbtech_vbsecurity_forcenewpass =
WHERE userid = ;

MySQL Error : Unknown column 'dbtech_vbsecurity_forcenewpass' in 'field list'
Error Number : 1054
Request Date : Monday, April 20th 2015 @ 10:08:45 AM
Error Date : Monday, April 20th 2015 @ 10:08:45 AM
Script : /profile.php?do=updatepassword
Referrer : /profile.php?do=editpassword
IP Address :
Username :
Classname : vB_Database_MySQLi
MySQL Version : 5.5.41-0ubuntu0.14.04.1
Reply With Quote
  #96  
Old 04-20-2015, 08:32 AM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by woodmj View Post
After ugrading to the latest version there seems to be a problem when a standard password change is effected. Please could you advise? The below error is displayed :

Database error in vBulletin 4.2.2:

Invalid SQL:
UPDATE user SET
salt =
passworddate =
password =
dbtech_vbsecurity_forcenewpass =
WHERE userid = ;

MySQL Error : Unknown column 'dbtech_vbsecurity_forcenewpass' in 'field list'
Error Number : 1054
Request Date : Monday, April 20th 2015 @ 10:08:45 AM
Error Date : Monday, April 20th 2015 @ 10:08:45 AM
Script : /profile.php?do=updatepassword
Referrer : /profile.php?do=editpassword
IP Address :
Username :
Classname : vB_Database_MySQLi
MySQL Version : 5.5.41-0ubuntu0.14.04.1
The error means you are missing a table but that table was and is not there and never was in this plugin so I dont see how you are getting the error unless you edited the xml
Reply With Quote
  #97  
Old 04-20-2015, 09:13 AM
woodmj woodmj is offline
 
Join Date: Sep 2013
Posts: 66
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Have not edited the XML. This just came about after upgrading to the latest release from the DB site. I believe it's tied in with one of the new features in the new release.
Reply With Quote
  #98  
Old 04-20-2015, 05:10 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This wait for the coder to reply as they will know but I cant see that table or if its part of a table name so this see what the coder has to say
Reply With Quote
  #99  
Old 04-20-2015, 07:30 PM
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Location: Scotland
Posts: 8,814
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vBSecurity v1.1.4

New Features:

Scheduled Password Reset
  • Enforces a password reset for a user upon next login, via the User Manager in the ACP
  • Mimicks the "Password Expiry" feature in vBulletin
  • Great for forcing users to provide a more secure password

(Pro) Mass Scheduled Password Reset
  • Enforces a password reset for every account upon next login
  • Mimicks the "Password Expiry" feature in vBulletin
  • Great for forcing users to provide a more secure password


Fillip
Reply With Quote
  #100  
Old 04-20-2015, 07:32 PM
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Location: Scotland
Posts: 8,814
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by woodmj View Post
After ugrading to the latest version there seems to be a problem when a standard password change is effected. Please could you advise? The below error is displayed :
Code:
alter table user add dbtech_vbsecurity_forcenewpass tinyint(1) unsigned not null default '0'

Fillip
Reply With Quote
2 благодарности(ей) от:
ForceHSS, woodmj
  #101  
Old 04-20-2015, 07:51 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by woodmj View Post
After ugrading to the latest version there seems to be a problem when a standard password change is effected. Please could you advise? The below error is displayed :

Database error in vBulletin 4.2.2:

Invalid SQL:
UPDATE user SET
salt =
passworddate =
password =
dbtech_vbsecurity_forcenewpass =
WHERE userid = ;

MySQL Error : Unknown column 'dbtech_vbsecurity_forcenewpass' in 'field list'
Error Number : 1054
Request Date : Monday, April 20th 2015 @ 10:08:45 AM
Error Date : Monday, April 20th 2015 @ 10:08:45 AM
Script : /profile.php?do=updatepassword
Referrer : /profile.php?do=editpassword
IP Address :
Username :
Classname : vB_Database_MySQLi
MySQL Version : 5.5.41-0ubuntu0.14.04.1
Did not install the latest until now so I see the coder has put in the new table to the update
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:02 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09022 seconds
  • Memory Usage 2,367KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (11)post_thanks_box
  • (4)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (2)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (5)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete