News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Forum Firewall

Started by butchs, January 15, 2011, 11:00:37 AM

Previous topic - Next topic

butchs

Link to Mod

Forum Firewall
* protection against bad people doing bad things *



Authors Official Support thread is at SMF Helper.



Written by:                   butchs
Testing by:                    AngelinaBelle, Lou69, snoopy_virtual and Wizzlefits
Current mod version:  2.0.1
Supported languages: english, spanish_es, spanish_latin, portuguese_brazilian, portuguese_pt
Hack Attempts:             Please share in the support thread so we can all be safe
Translations:                Translations are accepted (see FF_Language.zip)

After over six months of heavy programming along with tons of research and development, I am proud to offer my version of a SMF Forum Firewall.  I believe this is one of the most comprehensive and flexible schemes of its kind out there.  If you choose to try this mod please read the help topics and run it for a few days before blocking visitors.  I hope my work keeps your forum safe?



Sincerely,
butchs



Forum Firewall offers 13 tests for the forum operator that protect against unwanted visitors.  Forum Firewall is written as a supplement to existing site protection methods and should not be the only line of protection.  An ideal protection scheme is as follows:

  • Proxy Firewall.
  • Htaccess protection such as blocking nasty ip addresses, CrawlProtect and GeoIP.
  • Forum Firewall (this mod).
  • Bad Behavior mod.
  • Project Honeypot (included in Bad Behavior mod).
  • Stop Spammer.

The above protection will not stop a determined attacker but it just may send them looking for easier targets.




Some features in this modification:

  • Full IPv6 support.
  • Compatible with CloudFlare and other Proxys.
  • Log and/ or block violations.
  • DOS Protection to lower bandwidth with cool off & email notification.
  • Admin Spoofing Protection.
  • IP Address Spoofing Protection.
  • Port Spoofing Protection.
  • Anti-spoofing cache.
  • Cross Site Scripting (XSS) Protection.
  • SQL Injection Protection.
  • Proxy Bypass Prevention.
  • Limited Country Code blocking.
  • Challenge option for failed IP's and Countries.
  • Automatic scan of image files.
  • Provides spanish warning if it is detected in header (thanks snoopy_virtual).




SMF 1.x version does not have:  Auto trimming of the visitor log and automatic scan of image files.

It is recommended that you do not enable "Block Violations" until after you operated the mod for several days and you are fully confident that there are no infractions in the visitor logs that can deny you or your top members access.



Version History


1.0.0 --  October 24, 2010
2.0.0 - June 14, 2014 - REWRITE in anticipation for SMF 2.1.  IPv6 support, improved Country blocks, New test conditions, improved codes, bug fixes, more bots for robots.txt, spam post to challenge test, xrunner detection, changes thanks MDARULZ, sorting per societyofrobots, Portuguese Translated by Darkness.  Mod will install on SMF 2.1 Alpha 1 to be used for testing purposes only.  A complete uninstall of previous versions is recommended before installation.
2.0.1 - Bug fixes.


Terms of use



By downloading and/or using this MOD you agree to adhere to the following conditions for all versions of the Forum Firewall mod:

  • Copyright info & link must remain intact!  They only can be removed via Author/Creators approval.
  • The Author/Creator is not responsible for any incompatibilities of this mod with your forum.
  • You are FREE to use and customize this MOD on your Forum(s) as per the conditions of these terms however, in no way can the Author/Creator of this MOD be held responsible under any circumstances.
  • Commercial resale of this mod is prohibited without express written permission from the Author/Creator.
  • You are FREE to redistribute this MOD in its original, released state ONLY!
  • Conversion, transfer or porting any portion of the Authors Creative Work, Ideas, procedures and process to any SMF fork without the Authors explicit written permission is strictly prohibited.
  • These terms can be changed or appended at any time by the Author/Creator without any prior notice.

Forum Firewall is licensed under a






Bienvenido a Forum Firewall.  El m√≥dulo Firewall escrito para SMF 2.0.

Forum Firewall ofrece 13 an√°lisis para la gesti√≥n avanzada del foro, que lo protegen contra los intentos de hacking (pirateo). Forum Firewall es un complemento a los m√©todos anti-hacking existentes  y no debe ser la √∫nica l√≠nea de protecci√≥n. Un esquema de protecci√≥n ideal es el siguiente:

  • Proxy Firewall.
  • Protecci√≥n .htaccess para el bloqueo de direcciones ip maliciosas, CrawlProtect y GeoIP.
  • Mod Forum Firewall.
  • Mod Bad Behavior.
  • Proyecto Honeypot.
  • Stop Spammer.
Bienvenido a Forum Firewall.  El modulo Firewall escrito para SMF 2.0.

Forum Firewall ofrece 13 análisis para la gestión avanzada del foro, que lo protegen contra los intentos de hacking (pirateo). Forum Firewall es un complemento a las herramientas anti-hacking existentes  y no debe ser la única medida de protección.

Un esquema de protección ideal es el siguiente:

  • Proxy Firewall.
  • Protección .htaccess para el bloqueo de direcciones ip maliciosas, CrawlProtect y GeoIP.
  • Mod Forum Firewall.
  • Mod Bad Behavior.
  • Stop Spammer.
Esta protección podría no detener a un atacante determinado, pero por lo general les llevara a buscar objetivos mas fáciles.



Una vez visto lo anterior, permitamos hablar ahora sobre el mod Forum Firewall. Las características de esta versión son las siguientes:

  • Compatible con CloudFlare y otros Proxys.
  • Comprueba el estado de register globals y magic quotes.
  • Acepta registros o bloquea infracciones.
  • Detecta y automáticamente descodifica utf8 para su examen.
  • Protege contra pirateo cookie administrador.
  • Protege contra suplantación ip administrador.
  • Enviar un correo electrónico al administrador nunca, en intentos DOS o por cada infracción.
  • Cifrado de cacha incorporado. Se recomienda utilizar esta función ya que Forum Firewall utiliza la cacha para determinar si se trata de una infracción DOS. El mínimo definido es de 20 segundos.
  • Protección DOS. Observa User-Agent y si esta  bloqueado no se le permitir el acceso.  Ademas, hay una función donde se observa a que velocidad (hits por segundo) el visitante rastrea el sitio y lo compara con una lista para después prohibir o marcar al visitante en función de esta configuración. Incluye la posibilidad de prohibir (ban) usando el sistema de prohibiciones de SMF.
  • Validación de direcciones IP - Comprueba todas las direcciones ip en la lista IP Proxy de visitantes.
  • Protección Cross Site Scripting. El Mod observa las cookies de usuarios entrantes y confirma que no están infectadas. Ademas hay un análisis automático en Tareas Programadas que inspecciona los archivos de imágenes adjuntas, iconos gestuales (smilies) y carpetas de imagen de la plantilla una vez por semana para comprobar que no haya infecciones. Esta ultima característica proporciona un mensaje de advertencia.
    Si tiene infecciones las posibilidades de haberse extendido son mayores de lo que piensa y los archivos php podrían estar infectados.
  • Inyección SQL - Todos los URI son inspeccionados para detectar signos de caracteres uri no permitidos e intentos de inyección SQL. Si encuentra uno, habrá una notificación.
  • Protección contra ataques HTTP Header.
  • Protección contra Suplantación de Puerto.
  • Códigos de País - Esta función es limitada. Funcionar√° con servidores basados en GeoIP y CloudFlare.
  • Interfaz Proxy - Comprobar√° la dirección ip de los visitantes con la configuración del proxy para evitar intentos bypass. Por favor tenga en cuenta que actualmente esto solo funciona con una dirección ip estática.



Saludos (translated by papones)

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

JBlaze

Congrats! This is an awesome mod!
Jason Clemons
Former Team Member 2009 - 2012

flapjack

finally, it really is one awesome mod :) I thought you gave up on submitting it

butchs

Thanks guys I was getting close.  I guess the problem was indexing of member groups with some of the original versions of SMF that I did not know about.  I have been working on a workaround all morning.  I still have to test the code.  Will include it in the next version.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

busterone

Looks to be fantastic mod. I haven't installed or tested it yet, but I will be trying this one out very soon. Thanks for the work.  :)

Joker™

Only one word for this mod, Awesome.
Github Profile
Android apps
Medium

How to enable Post Moderation

"For the wise man looks into space and he knows there is no limited dimensions." - Laozi

All support seeking PM's get microwaved

Masterd

I can say just this.

This mod is great! :D

I'm glad because it's finally approved.

Matthew K.

Glad to see you finally got it submitted :)

flapjack

I presume it was submitted months ago, but approved just today :)

Masterd

Quote from: flapjack on January 15, 2011, 02:04:53 PM
I presume it was submitted months ago, but approved just today :)

It has been submited in October.

butchs

It was submitted very long time ago on a distant planet...   O:)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

THE BRA1N

Installed it on RC3 and getting a blank page for Forum Firewall settings on all themes.

żεχเ๏ภ

I've been using this mod since I found it on pctweakr. Probably for about a month or longer. It really does work.  :) I love being able to block bad bots and hackers. I guess its more helpful to huge forums though. I'm happy its approved.



Jason

busterone

OK, installed on a small test forum and all is well. I do have a question about one feature.
If I install it on my main site, we have more than one admin. If I enable Admin IP Confirmation, will it block out the other admins if I input mine, or can I input multiple comma separated IPs ?

Matthew K.

Busterone - Without looking at the code, I'd assume it'd let them in too.

kat

* K@ is confused...

"By downloading and/or using this MOD you agree to adhere to the following conditions for all versions of the Bad Behavior mod:"

Is that a typo?

NanoSector

Quote from: K@ on January 15, 2011, 05:13:58 PM
* K@ is confused...

"By downloading and/or using this MOD you agree to adhere to the following conditions for all versions of the Bad Behavior mod:"

Is that a typo?
I think a copy-pasta typo ;)
My Mods / Mod Builder - A tool to easily create mods / Blog
"I've heard from a reliable source that the Answer is 42. But, still no word on what the question is."

JBlaze

If I'm not mistaken, it includes the Bad Behavior mod, thus the reason for having to agree to its terms as well.
Jason Clemons
Former Team Member 2009 - 2012

NanoSector

Quote from: JBlaze on January 15, 2011, 05:41:06 PM
If I'm not mistaken, it includes the Bad Behavior mod, thus the reason for having to agree to its terms as well.
Good point.
My Mods / Mod Builder - A tool to easily create mods / Blog
"I've heard from a reliable source that the Answer is 42. But, still no word on what the question is."

DoctorMalboro

How many resources does this mod consume... let's say monthly?

Advertisement: