vBFirewall v1.0

[Core_Core]

What is vBFirewall?
Its a PHP script which blocks all kinds of attacks on your vBulletin Forum! Like: URL Poisoning, Remote File Inclusion, SQL Injection, XSS and other kinds of attacks.

I have tested each and every function of this mod before releasing it and have used it myself for 1 month

It has a attacker logger, which logs the IP and many details of the attacker so that you can reach him

This is still in beta version and I will add more features in it to make your vBulletin more secure Suggestions are always welcome.


How to install?

1) Go to Admin and Import the xml file product-firewall_vb_rs.xml using the plugin manager.
2) Keep an eye on the log file which can be found here: yourvbforumurl.com (This file will only be created when a attack occour)
3) Your website is now secure from hackers

Attached

 

[ashisthebest]

hmm i should need this CHeers mate

 

[mafiaWolf]

How about? DDOS

 

[virus]

double post mobileHack already post this hack check this >> http://www.vbteam.info/vb-3-8-x-add...7-vbfirewall-v1-0-a.html?highlight=vBFirewall

 

[Unsure]

This blocks bots just to let you know.

 

[tryer]

awtz, i though you were the owner of it

This is still in beta version and I will add more features in it to make your vBulletin more secure Suggestions are always welcome.

 

[Burti]

Good Firewall Thanks

ISO-8859-1', 'http://www.google.com/search', '?hl=',
'.txt', '.exe', 'ISO-', '</', '>', '<', 'SELECT', 'FROM%20', 'alert', 'document.cookie', '*', 'c99shell.php', 'shell.php', 'cmd.php', 'cmd.txt',
'c99.gif', '/r57.txt', 'http*', '$*', '/backdoor.php', '/backdoor.gif',

 

[mafiaWolf]

...is that right? I 'll try it

 

[Spinifex]

USE WITH CAUTION, it maybe ok to block certain url hijacking or whatever else it does, but it will block most subscriptions. for certain it blcks _http://YOURURL.com/subscription.php?do=viewsubscription.

mine has stoped quite a few dickheads trying to add their own subscrptions even though my board doesnt use them no more (do=addsubscription&f=200)

it also gives alot of false alarms too and the way to try it is to add /subscription.php?do=viewsubscription to the end of your forum url and see that its easily fooled into thinking its blocking something illegal, best waiting for v1.01 lol

oh well it blocks certain stuff i suppose, >>IT DOES NOT BLOCK DDOS<< blocking ddos or dos attacks is down to your hoster and not you! ddos needs to be prevented at the server end and not your forum, a good server firewall by your host would fix attacks, there is nothing you can do really to stop ddossing, dont wrry too much about people with scripts opening 500+ pages with same ip address as its not going to harm the forum in anyway unless your server is totally shit or slow lol

Spinifex.

 

[usmovie]

this will help with my shit

 

[asafpc]

Tsm!!!!!!!!!!!!!!!!!!!!!

 

[dangerbakili]

this wont help at tall, it will relase your info to google, so people can acess it thats all. I used it, and idk why but my site got hacked the next day.

 

[sixxkilur]

i tried it doesn't look like it works to well for me hell i don't even get the ip address loged just a bunch of bs text these are not the attacker's ip cause i checked the server logs, it may work for some of you but not for me not to mention the 1176 emails it sent to my email server as a hack notice for me spending 30 minutes in the admin adjusting options etc. i'm sorry but being logged in as a admin shouldn't be reporting hacks of the process if you are authenticated properly. good idea though with the script maybe the bugs will be worked out soon.

worms txt below
0||||SYSTEM MESSAGE||AUTOMATIC LOG FILE RESET||-||CRACKERTRACKER
1||1236808487||||||||
1||1236808522||||||||
1||1236808552||||||||

 

[William9999]

SINCERE THANKS !!!!!

if it works

my site has been down because of a ..... HACKER ..... confirmed by him as he laughs in a recorded phone conversation.

no joke

http://sites.google.com/site/ackerclaimstohacksprintwebsite/

 

[devilinearth]

this addon is really a crap... :x

 

[dark_hunter]

this addon is really a crap... :x

gtfo!

 

[bluescorpion]

USE WITH CAUTION, it maybe ok to block certain url hijacking or whatever else it does, but it will block most subscriptions. for certain it blcks _http://YOURURL.com/subscription.php?do=viewsubscription.

mine has stoped quite a few dickheads trying to add their own subscrptions even though my board doesnt use them no more (do=addsubscription&f=200)

it also gives alot of false alarms too and the way to try it is to add /subscription.php?do=viewsubscription to the end of your forum url and see that its easily fooled into thinking its blocking something illegal, best waiting for v1.01 lol

oh well it blocks certain stuff i suppose, >>IT DOES NOT BLOCK DDOS<< blocking ddos or dos attacks is down to your hoster and not you! ddos needs to be prevented at the server end and not your forum, a good server firewall by your host would fix attacks, there is nothing you can do really to stop ddossing, dont wrry too much about people with scripts opening 500+ pages with same ip address as its not going to harm the forum in anyway unless your server is totally shit or slow lol

Spinifex.

I removed this piece of crap from a site just a few days ago because it flagged the site owners IP address as a bad guy and blocked him from his own site LOL

In doing a little after the fact checking, the hack has NEVER been updated, the author has gone missing and its FULL OF BUGS that you have to continuously find and fix yourself. It does indeed have a LOT of false positives.

The site owner was very grateful that I was able to get rid of it though when I tried to uninstall it the first time it croaked and left a mess (don't know what that was about) when I reinstalled it and did the uninstall, it worked correctly?

As advised, use at your own risk and EXTREMELY cautiously.