[vBulletin MOD] Setup an unique firewall for your forum

This is the firewall that I code and use on my forum. Many visitors have asked me if I could release it so I decide to take a step up and share it with everyone. This firewall is the Lite version which I takes out all unnecessary parts of the main version so it's pretty light and only costs you a few kb of bandwidth. But, think about it guys, it's much less than when someone attack your forum using DoS or even worse -DDoS that may take the whole system down for days.

http://www.silveryhat.com/images/smiles/mk/k6431613.gif

How does it look like ?
http://img45.imageshack.us/img45/3012/dnpfwrs7.jpg

Step 0ne - Prepare Data

Take few mins to download the 300Kb of style and images of the Firewall that I've attached along with this post. Or else, you can use the link below:
RapidShare: 1-Click Webhosting (http://rapidshare.com/files/41261325/dnp_firewall.rar)
Password to extract is delynie.silveryhat.com.

+ After the have all the files ready, go ahead and upload to your host. Remember, place all files under the main path of the forum (where your forum is installed), for instance:

- http://yoursite.com/
or
- http://yoursite.com/forumname

So, depend on where your board folder is, upload every files there. Mine is DnP Forum - Auto Flood Detecting Engine v0.3 Beta (http://www.silveryhat.com/delynie/), which the forum is located in delynie folder. (oh my gf http://www.silveryhat.com/images/smiles/mk/khi1752724.gif)

So we're ready for the last step http://www.silveryhat.com/images/smiles/mk/khi476486.gif

Step Two - Set it up
Well, bad news here cuz things turn out a little bit ugly. Some of us hate to do this since they move to vBulletin or you've never done this before. I tell you, we need to modify one of the source of vBulletin, that is php file. Why I don't make it like other releases that have the product manager take cares of the whole process instead of doing manually. Sorry mate, in the security purpose i don't want any plugin or product that can be changed if the malicious one can get into your ACP.

Now open global.php, look for:
<?php

AFTER THAT, paste this code.


/*Firewall Protection Gateway Lite v0.4 by Silvery Hat Hacker
-= An Addon for vBulletin 3.x =-
-= Copyright by Shacker © 2007. Any changes or re-distribution without permission is prohibited =-
-= A Product of DnP Forum =-
*/
session_start();
$UR_DOMAIN = 'http://www.silveryhat.com';
$TEN_COOKIE = 'dnp_firewall';

if ( strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'] ,'Googlebot')||strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'] ,'msnbot')||strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'] ,'slurp'))
{}
else{
if( file_exists($firewall) ){ require_once($firewall);}
if((strpos($_SERVER['HTTP_REFERER'], $UR_DOMAIN) !== 0)) {
if (empty($HTTP_SESSION_VARS['{$TEN_COOKIE}']))
{
if (!empty($HTTP_POST_VARS['{$TEN_COOKIE}']))
{
session_register('{$TEN_COOKIE}');
$HTTP_SESSION_VARS['{$TEN_COOKIE}']='myforum_protection';
header("location: ".$_SERVER['REQUEST_URI']);
exit();
}

$sform='<!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>
<html xmlns=http://www.w3.org/1999/xhtml>
<head>
<meta http-equiv=Content-Type content=text/html; charset=utf-8 />
<title>Protection Gate Lite v0.4 by Silvery Hat Hacker</title>
<link href=dnp_style.php rel=stylesheet type=text/css />
<script language=JavaScript><!--
//Anti-right click for all broswers by Shacker © 2006
//Redistributed for Vn communities by delynie.silveryhat.com
var message="";function clickIE() {if (document.all) {(message);return false;}}function clickNS(e) {if (document.layers||(document.getElementById&&!document.all)) {if (e.which==2||e.which==3) {(message);return false;}}}if (document.layers) {document.captureEvents(Event.MOUSEDOWN);document. onmousedown=clickNS;}else{document.onmouseup=click NS;document.oncontextmenu=clickIE;document.onselec tstart=clickIE}document.oncontextmenu=new Function("return false")
// -->
</script>
</head>
<body background="img/clean_orange_crystalxp_1600.jpg">
<table border=0 height=600 width=100%>
<tr><td align=center valign=middle>
<table width=468 class="table" align="center" border="0" cellpadding="0" cellspacing="0">
<tr><td height=25 width=35 class="tcat" colspan="0" align=center valign="middle"><img src="img/internet.gif"></td>
<td class="tcat" colspan="0" align=left width=318><STRONG>Forum Protection Gate Lite v0.4</STRONG></td>
<td class="tcat" colspan="0" align=center width=115>
</td></tr>
<tr><td colspan=3 height="25" id=Des align=center><strong style="color:#000066">&nbsp;Press the button below to access to the forum</strong>
</td>
<tr><td colspan=3 align=center bgcolor=#F7F7F7 class="vienall" style=filter:Alpha(Opacity:90);cursor:default><img src="img/home.jpg" border=0 title="Firewall Layout Designed by Silvery Hat Hacker"/>
</td></tr>
<form name=sercform method=POST action='.$_SERVER['REQUEST_URI'].'>
<tr><td height=25 colspan=3 align=center class="tbottom">
<input type=submit value="Enter" size=6 style=cursor:pointer name=shfirewall class=button></td></tr></form>
</table></div></td></tr>
<tr><td align=right><a href="http://delynie.silveryhat.com" target=_blank>Silvery Hat Hacker</a> &copy; 2007<BR>DnP Community</td></tr>
<tr><td align=right><a href="img/direction.jpg" target="_blank"><b>Can\'t access the forum because of Zone Alarm?</b></s></td></tr>
</table>
</body></html>
';
echo $sform;

exit();
}
}
}

Have you noticed at the very top of the code there are two variables that needed to be changed accordingly.

$UR_DOMAIN = 'http://www.silveryhat.com'; //Change to your exact domain name, or else you'll have trouble access into your forum. If there is no www. then put no www., for example http://vbmodder.com/. I'll improve this on the next version so we'll have no more problems around this.
$TEN_COOKIE = 'dnp_firewall'; //Name of the cookie. Specify it on your own as any ways you'd like it to be.



When you done with everything, save and upload global.php back on the host.

Finish, your board now is protected against most DDoS by Firewall Protection Gateway Lite v0.4
For even a better protection, I use double firewalls on my forum that soon I'll release it around so stay tune if you're interested!
Any questions please ask here, and comment or feedback are pretty much welcomed. Gudluk! and sorry for my bad english if you found a mighty mistake somewhere.

What comes in next version
+ A Customization front page.
+ Better domain recognize.

Nice hack. Thanks for releasing this here. Please place these instructions in a text file and attach to your release thread.

Thank you.

Wow! 1st time I actually hear of a Forum firewall! What's the server load like and also - does it tax page load or anything like that?

Interesting share though = Thanx!

Jacquii.

great release.. thanks alot..

This should be really good for seo, yeah?

I really done see anything diferrent about this, i just uploaded it into my server, nothing changes, since i have a template as a homepage and my forum has its own folder, like

metroconnections.net - homepage then forum metroconnections.net/forums

so upload the img folder and the dnp_style.php in the forums folder or have the img? mixed in with the forums image folders? this seems to be a great firewall to use and i wanna know if its the right way to do or maybe you could help? or give more specific instructions on what and where to place all these files, since there are only two you provided

I used this and when it comes up, it says i have a security token missing, i dont know what could be missing but can you help since you made this? lol