Mind blowing SEO improving and Google rank increasing Signature Rotator SEO Tool.

Thread: 

My Forum ~ it is Secure ?

Ads
banner
banner
banner
Jessi Offline referral

Posts: 6
Joined: Aug 2014
Reputation: 0

#1
Junior Member
Hello guys,
Those are the changed that i've done for an better security in my forum.
1) Changed Admin Directory
2) Set Admin CP PIN
3) .htaccess file to the directory /inc.
4) Allow logging in my Admin CP only from my IP.
5) Password Protect Directories for Admin files.
6) MyBB latest version to show , i set OFF.
7) Secured my account from attacks

But the last thing that i am trying to do is to install the firewalls called
ConfigServer Firewall :: Advanced Protection and
PHP Website Firewall
but which Firewall it is better, how to install ! 001_sad
victor Offline referral

Posts: 638
Joined: Jun 2013
Reputation: 33

#2
Senior Member
I am not an expert in this but @Marcus_Avrelius shoud be able to help you with this. What I can recommend you is not to reveal which user is administrator.

In other words many forums make it easy for someone interesting in hacking that forum by identifying who's webmaster, moderator and super-moderator just show something like LetsForum "Forum stuff".
marcus_avrelius Offline referral

Posts: 2,424
Joined: May 2013
Reputation: 102

#3
Support Team
Hi you did a great job securing your forum! There is a simple but working PHP firewall called "[b]php-firewall[/b]"

It's pretty easy to install.

Download PHP firewall here: https://code.google.com/p/php-firewall/d...p&can=2&q=

Unzip the content of that file.

Using FTP FileZilla upload the entire folder called php-firewall to where global.php file is stored (Main directories where you see folder like images, inc, cache, uploads).

Using FTP FileZilla go inside the "php-firewall" find file called logs.txt right click it and in the popup menu select File Permissions where it says numeric value enter 777 and press OK.

Now again using FileZilla in the main root directory find
PHP Code:
global.php 
download it to your computer then open it with Notepad and on top of the screen find:
PHP Code:
< ?php 

Add below:
PHP Code:
define('PHP_FIREWALL_REQUEST_URI'strip_tags$_SERVER['REQUEST_URI'] ) );
define('PHP_FIREWALL_ACTIVATION'true );
if ( 
is_file( @dirname(__FILE__).'/php-firewall/firewall.php' ) )
    include_once( @
dirname(__FILE__).'/php-firewall/firewall.php' ); 

The code should look like this:
PHP Code:
<?php
define
('PHP_FIREWALL_REQUEST_URI'strip_tags$_SERVER['REQUEST_URI'] ) );
define('PHP_FIREWALL_ACTIVATION'true );
if ( 
is_file( @dirname(__FILE__).'/php-firewall/firewall.php' ) )
    include_once( @
dirname(__FILE__).'/php-firewall/firewall.php' ); 
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id$
 */ 

Save it and then upload it to your server where global.php is. I t will tell you that this file already exists so just choose overwrite.

Let me know if you have any further questions.
Jessi Offline referral

Posts: 6
Joined: Aug 2014
Reputation: 0

#4
Junior Member
Done, but it is any way to control this firewall for e.x to find attackers or something else . ? Thanks
marcus_avrelius Offline referral

Posts: 2,424
Joined: May 2013
Reputation: 102

#5
Support Team
Download and check your logs.txt file to see what is going on Smile
maya Offline referral

Posts: 1,058
Joined: May 2013
Reputation: 34

#6
Posting Freak
Stay away from MYBB plugins that are know to make your forum vulnerable.





User(s) browsing this thread: 1 Guest(s)