Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
[DBTech] vBSecurity v2 (vB4) Details »
[DBTech] vBSecurity v2 (vB4)
Mod Version: 3.3.0, by DragonByte Tech (Coder) DragonByte Tech is offline
Developer Last Online: Feb 2019 I like it Show Printable Version Email this Page

vB Version: 4.x.x Rating: (16 votes - 4.56 average) Installs: 130
Released: 30 Dec 2011 Last Update: 19 Jun 2018 Downloads: 842
Supported DB Changes Uses Plugins Additional Files Translations  

vBSecurity: What is it?
vBSecurity keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity.

Uses

vBSecurity is the ideal product for forums that are concerned about security, or wish to be alerted when something suspicious happens.
It keeps a watchful eye on your configuration file, ensuring that it does not get modified by mods or plugins.
Another important feature is the ability to add a secondary login, unique to each administrator, that is required before accessing the AdminCP. Ideal for forums where multiple administrators may share login information, or where administrators may log in from public computers.
Add in quick settings for the most vital vBulletin Options and Usergroup password settings, vBSecurity can easily be called one of the most comprehensive security suites for your vBulletin forum.

-------------------------------------------------------------------------------------------

If you like this mod please hit the button to the right ---->

Please remember to click the, button to the right if you installed the mod ---->

What does 'Marking As Installed' do ?

* It helps you to stay on top of updates - members who have installed modifications will be notified by us whenever new updates are available.

*
For security issues - vbulletin.org will contact all members who have installed a modification whenever a security issue is brought to their attention.

* Marking a modification as installed also helps us know how many people are using our work, giving us extra incentive to provide more features and new modifications.

We appreciate the support!
-------------------------------------------------------------------------------------------

Priority support & Product Demos available at: http://www.dragonbyte-tech.com

-------------------------------------------------------------------------------------------

Translations available @ our forum
Support for translations handled by the translator in its respective threads only.

-------------------------------------------------------------------------------------------

Major Features
Administrator Security: .htaccess-like logins for your administrators means that even if they use the same password on multiple sites, malicious users still need a fresh, unique password to log in.

Security Watchers: Keep an eye on the most important aspects of vBulletin: config.php tampering, AdminCP / User Account access attempts, vBulletin Options, User Data, Usergroup Settings and Usergroup Permissions.
Detailed changelogs available for each watcher dealing with changes.
IP Ban, User Ban, Email alerts and temporary forum closure options available for each watcher individually.

Lite
* Searchable list of all AdminCP access attempts
* Searchable list of all failed login attempts
* Searchable list of administrator changes for areas governed by the Security Watchers
* vBOption: IP Address whitelist for AdminCP access
* vBOption: Separate "Closed Reason" for closures that happened due to potential security breaches
* Quick setting page for the most important vBulletin Options security settings
* Quick setting page for the most important Usergroup security settings
* Security Watchers: General - config.php Variable Tampering, AdminCP Access Attempts
* Security Watchers: Logins - Failed Logons, Failed Mass Logons
* Security Watchers: vBOptions - vBulletin Active, Reason For Turning vBulletin Off, Banned Email Addresses, Banned IP Addresses, Use Login "Strikes" System, Whitelisted IP Addresses, Whitelisted IP Addresses - Exclude Super Administrators
* Security Watchers: User Data - User Name, Password, Email, Primary Usergroup, Additional Usergroups, Reputation Level, Warnings, Infractions, Infraction Points, Receive Admin Emails
* Security Watcher Actions: 2 thresholds with individual configuration options, IP Ban / User Ban / Email Webmaster / Close Forum options available for each Watcher option listed above. Some watcher options may not have all actions.

Pro
* Optional .htaccess-like login on a per-administrator basis
* Settings Snapshots - take a "snapshot" of how the vBulletin Options look at the time, instant restore by clicking Load on a previous snapshot
* Security Watchers: Usergroup - Password Expiry, Password History, every usergroup permission group, every "value" permission
* IP Guard: Administrator IP Address authorisation scheme (similar to Steam Guard) - Require email verification for new IP addresses to access the AdminCP, per-administrator disable

-------------------------------------------------------------------------------------------
This mod displays a copyright notification in the footer of all pages which includes:
  • 1 Link to DragonByte Technologies homepage
  • 1 Link to Product Description page of this modification

Download Now

Only licensed members can download files, Click Here for more information.

Screenshots

Click image for larger version

Name:	vbsec_adminpasswords.jpg
Views:	1240
Size:	78.0 KB
ID:	135371   Click image for larger version

Name:	vbsec_recommendations.jpg
Views:	890
Size:	75.9 KB
ID:	135372   Click image for larger version

Name:	vbsec_watchergeneral.jpg
Views:	787
Size:	76.9 KB
ID:	135373   Click image for larger version

Name:	vbsec_watcherlogin.jpg
Views:	994
Size:	77.5 KB
ID:	135374  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Major Additions [DBTech] vBShop v3 (vB4) DragonByte Tech vBulletin 4.x Add-ons 590 19 Dec 2018 19:05
Major Additions [DBTech] vBArcade v2 (vB4) DragonByte Tech vBulletin 4.x Add-ons 429 23 Oct 2018 10:49
Major Additions [DBTech] vBNotifications v1 (vB4) DragonByte Tech vBulletin 4.x Add-ons 189 16 Apr 2018 21:46
Administrative and Maintenance Tools [DBTech] vBMail v2 (vB4) DragonByte Tech vBulletin 4.x Add-ons 346 18 Jun 2017 12:26
Major Additions [DBTech] vBNavTabs - Navbar Tabs / Tab Management v1 (vB4) DragonByte Tech vBulletin 4.x Add-ons 420 11 Jun 2017 22:45

  #46  
Old 10 Mar 2012, 00:40
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
vBSecurity v1.0.4:
Feature: Added a block of text to Security Recommendations that discusses server security for WHM-based servers


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #47  
Old 07 May 2012, 17:11
Nirjonadda Nirjonadda is offline
 
Join Date: Dec 2011
Real name: Md Tajirul Islam
Installed Pro Version ! I think now save my site from hacking ?
Reply With Quote
  #48  
Old 07 May 2012, 18:56
LLent LLent is offline
 
Join Date: Aug 2010
this is a support thread for vbsecurity not the other fine mods that db has ..i say we get back on topic ....btw is a fine addon and works very well with latest version of vb no issues to speak of
Reply With Quote
  #49  
Old 07 May 2012, 20:24
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
Originally Posted by Nirjonadda View Post
Installed Pro Version ! I think now save my site from hacking ?
No site is ever safe, but vBSecurity will help alert you if something suspicious starts going on


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #50  
Old 20 May 2012, 07:21
sivaganeshk sivaganeshk is offline
 
Join Date: Oct 2010
@DBT:
I changed the memcached settings in config file. At first , I received the security notification.
Thats fine.

But again every 2 or 3 days, I get the same notification (thrice at the same time)


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Got the same message thrice yesterday. While I changed the memcached setting a week ago.
Reply With Quote
  #51  
Old 20 May 2012, 13:14
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
Are you sure you have no modifications installed that could be causing this?

I'd suggest looking through every plugin from every mod and ensure none of them tamper with that variable, because I've dug through the vB4 code and they do not unset() or set to NULL that variable.

On DBTech we are also using vBSecurity as well as the datastore prefix, and we have no such issues


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #52  
Old 20 May 2012, 14:46
sivaganeshk sivaganeshk is offline
 
Join Date: Oct 2010
Vbseo might cause this? Because it also has a cache setting feature and i choosed Memcached in thtat .
Reply With Quote
  #53  
Old 20 May 2012, 17:28
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
That is entirely possible, could you try turning off memcached in vBSEO and see if that resolves the issue?


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #54  
Old 21 May 2012, 04:02
MagicPID's Avatar
MagicPID MagicPID is offline
 
Join Date: Jul 2011
I can't find the settings for dual-authentication in the mod that is shown here:

http://www.vbulletin.org/forum/attac...1&d=1325289905

Where is it?
Reply With Quote
  #55  
Old 21 May 2012, 12:52
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
As per the OP, that is a Pro-only feature


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #56  
Old 27 May 2012, 05:27
sivaganeshk sivaganeshk is offline
 
Join Date: Oct 2010
Originally Posted by DragonByte Tech View Post
That is entirely possible, could you try turning off memcached in vBSEO and see if that resolves the issue?


Fillip
I tried and disabled Memc'd in vbSEO . but no use.

I still get the config tampering notification.

"$vbulletin->config['Datastore']['prefix'] is new: NULL"
Reply With Quote
  #57  
Old 27 May 2012, 15:26
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
In that case I suggest going through all your installed mods and see if any of them make any such modifications to the $vbulletin->config array


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #58  
Old 27 May 2012, 15:33
sivaganeshk sivaganeshk is offline
 
Join Date: Oct 2010
Originally Posted by DragonByte Tech View Post
In that case I suggest going through all your installed mods and see if any of them make any such modifications to the $vbulletin->config array


Fillip
That's difficult buddy
how to check each and individual plugin ???
Reply With Quote
  #59  
Old 27 May 2012, 15:41
DragonByte Tech's Avatar
DragonByte Tech DragonByte Tech is offline
 
Join Date: Feb 2010
Real name: Fillip & Iain
It's what has to be done, unfortunately.

The error is not with vBSecurity, it's working as intended

You can turn off the notification for config.php variable tampering of course, but that would reduce the security of your forum, especially considering you already have one security breach going on (the tampering you keep getting notifs for).


Fillip
__________________
www.Dragonbyte-tech.com
Please support our mods by nominating them to MOTM!
Please do NOT PM us for support. Private Messages are only for exchanging sensitive details (like FTP / AdminCP logins).
Reply With Quote
  #60  
Old 27 May 2012, 16:05
sivaganeshk sivaganeshk is offline
 
Join Date: Oct 2010
Originally Posted by DragonByte Tech View Post
It's what has to be done, unfortunately.

The error is not with vBSecurity, it's working as intended

You can turn off the notification for config.php variable tampering of course, but that would reduce the security of your forum, especially considering you already have one security breach going on (the tampering you keep getting notifs for).


Fillip
Hmm.. I understand. I had been using vbSecurity for 4 months.
Haven't got this issue until I started using Memcached and changed the datastore settings in config.php

May be, vbSecurity stored old config content , checks new config content and raises the notification.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 10:04.

Layout Options | Width: Wide Color: