The Arcive of Official vBulletin Modifications Site.

KX - Rename Config File · **Released**: 12-13-2008

This modification was brought to you by
KXDesign

http://www.kxdesign.com/

~Modification name
Rename Config File

~Modification description
This modification allows you to rename or move the config.php file.This is to protect your sensible information and increase the security of your vBulletin board.

The majority of boards get hacked because a hacker uploads a malicious script to get hold of the config.php content.But if you move or rename it,there is no chance that they find out the location of it.

Tips & Tricks:

vBSEO - https://vborg.vbsupport.ru/showpost....1&postcount=24
Fool Hackers - https://vborg.vbsupport.ru/showpost....8&postcount=23

~Modification options
None

~Modification info
File uploads: 0
File edits: 1
Templates: 0
Template edits: 0
Plugins: 0
SQL Queries: 0
Phrases: 0
Settings: 0
Hooks: 0

Install time: 1 minute
Install level: Light

~Modification installation

Step 1: Open includes/class_core.php and find:

Code:

include(CWD . '/includes/config.php');

		if (sizeof($config) == 0)
		{
			if (file_exists(CWD. '/includes/config.php'))
			{
				// config.php exists, but does not define $config
				die('<br /><br /><strong>Configuration</strong>: includes/config.php exists, but is not in the 3.6+ format. Please convert your config file via the new config.php.new.');
			}
			else
			{
				die('<br /><br /><strong>Configuration</strong>: includes/config.php does not exist. Please fill out the data in config.php.new and rename it to config.php');
			}
		}

And replace it with:

Code:

include(CWD . 'XXXXX');

		if (sizeof($config) == 0)
		{
			if (file_exists(CWD. 'XXXXX'))
			{
				// config.php exists, but does not define $config
				die('<br /><br /><strong>Configuration</strong>: includes/config.php exists, but is not in the 3.6+ format. Please convert your config file via the new config.php.new.');
			}
			else
			{
				die('<br /><br /><strong>Configuration</strong>: includes/config.php does not exist. Please fill out the data in config.php.new and rename it to config.php');
			}
		}

Where XXXXX is the relative path to your new config file.It can be, for instance:
admincp/mynewconfig.php or includes/configuration.php .

~Modification screenshots
None

~Modification changelog

1.0.0 - First Release

~Modification copyright
This may not be distributed,released or claimed as your work without author's permission.

Ziki · #22 02-11-2009, 04:17 AM

Yes there is a 3.7 version as well.

kapii · #23 02-16-2009, 12:52 PM

This is excellent, however, it would not find the wording exactly, so, I hope this really works the way I had to do it. I only changed the path, and moved the file. The board works, so I hope this accomplished what we're trying to do here...

Thanks!
:up:

Merjawy · #24 02-17-2009, 12:31 AM

why not keep a fake copy of config.php with this mod, in the original folder to fool hackers?

michi123 · #25 02-17-2009, 08:05 AM

ye, cuz ur out of your forums folder! the folder has to be in your forums folder!

if sumone is using vbseo, uve to change the config path in config_vbseo.php too!

search

Code:

define('VBSEO_VB_CONFIG',              'config.php');

replace with

Code:

define('VBSEO_VB_CONFIG',              '../folder/newconfig.php');

important is the .. !

Ziki · #26 02-17-2009, 10:49 AM

Quote:

Originally Posted by Merjawy

why not keep a fake copy of config.php with this mod, in the original folder to fool hackers?

Quote:

Originally Posted by michi123

ye, cuz ur out of your forums folder! the folder has to be in your forums folder!

if sumone is using vbseo, uve to change the config path in config_vbseo.php too!

search

Code:

define('VBSEO_VB_CONFIG',              'config.php');

replace with

Code:

define('VBSEO_VB_CONFIG',              '../folder/newconfig.php');

important is the .. !

Will add these to the first post!

tlwwolfseye · #27 02-17-2009, 04:36 PM

That works great on my 3.7.5, except with the Mod "IbProArcade". There it gives me a Database error because it still tries to include the original Filename of the config.php.

bigcurt · #28 05-09-2009, 04:38 AM

Is there a problem with IPBProArcade Ziki?

Thanks,
Curt

Ziki · #29 05-09-2009, 05:37 AM

I don't know I didn't test it.

michael.hart · #30 05-15-2009, 09:52 PM

This seems a bit pointless, in my opinion. If a hacker was determined enough (and as this addon becomes used more and more), then I don't see much of a point. They'll just know to check the core file. Your best bet was to keep this to yourself, if your goal was security. Sharing this sort of threw it out of the "Secure" category.

Also, as long as your MySQL server only allows access to your server (and not everyone), (cPanel servers are often configured this way, and you can add exceptions in the cPanel) then even if that have that information, it does them no good.

Also, proper website/server security would make it really difficult for a hacker to upload a file to your server, and even if they did, why bother with this as they probably have full access anyway?

Just my opinion. Take it with a grain of salt

avsunforum · #31 05-16-2009, 03:47 PM

Thanks

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04733 seconds Memory Usage 2,340KB Queries Executed 26 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (6)bbcode_code (2)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (4)navbar_link (120)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (11)post_thanks_box (1)post_thanks_box_bit (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit (11)post_thanks_postbit_info (10)postbit (1)postbit_attachment (11)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_attachment postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

Благодарность от:
RyanFabbro

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!