Results 1 to 2 of 2

Thread: ZB Block 0.4.5 (PHP Security Pre-Parser) Released

  1. #1
    zaphod is offline Unknown Net Builder
    Join Date
    Apr 2009
    Location
    Casper, WY, USA
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Smile ZB Block 0.4.5 (PHP Security Pre-Parser) Released

    ZB Block, the php security pre-parser and anti-spam script (which uses the StopForumSpam database), has had a new release.

    This script is GNU/GPL V2 Freeware, so it is my hope that no one has a problem with it being listed here. If any mods/admin have a problem with this being posted here, please feel free to move or remove it.

    In the last 2 releases...

    0.4.4 changes:

    *Bugfix: Turned off that annoying super debug mode that snuck in, in the last version.

    *Bugfix: Bad signature in last installer changed.

    *Feature: Added PHP-Nuke registration checker capability.

    0.4.5 "Jedi Potato" changes

    *Feature: Staged Registration Checker
    1.If IP is not found in local bannedips.csv then...
    2.Then check live StopForumSpam.com database. If not found there...
    3.Then check live hosts-file.net database. If not found there...
    4.Then check TOR project.
    If found at any stage before 4, the rest of the checks are skipped to speed things up, and save load on other databases.

    *Feature: Compatibility Layer File. This file is for touchy signatures that are incompatible with some scripts/fourms/blogs/cmses out there. The the weakest (but still strong) version ships with ZB Block. For more strength, download the one that fits your package from the ZB Block download page. Feel free to request new compatibilty layer files if you need one.

    *Feature: Ignore Remote Databases IF IP=127.0.0.1 OR IP=192.168.x.y for registration. All other blocks still active. This is part of the compatibility layer file so additions/deletions are kept.

    *Feature: New HTTP header returns to alert admins of compromised servers that they are being abused by robots/hackers. The new fields are...
    a.Warning: 199 <yourhostname>:80 <reason> <yourhostname>
    b.Abuse: <reason>
    These are output along with the 403 errors, but skipped once the attacker falls into 503 hell. Not supported by many servers, but still a good way if adopted as per RFC 2616 (Warning: 199) and my own "human readable" idea (Abuse: , as Warning: 199 is in such rare use that most admins might be confused), to alert the innocent.

    *Change: Default behavior is now to write killed_log.txt to a human readable area, as it causes no security risk, and helps for rapid debugging of problems reported by users.

    *Change: Signature files now model numbered internally in comments.

    *Change: Appendix added to manual on how to handle compatibility.inc

    *Bugfix: Due to some servers not having adequate php execution times, most of the pauses have been removed. You can turn them back up after install in the .ini to suit your taste.

    *** END OF CHANGES ***

    Quite a bit of work went into this, and I am pooped! Remember to update signatures as soon as you get the program installed, as fresh signatures are not "slipstreamed" into the release builds.

    Downloads Here: http://www.spambotsecurity.com/zbblock_download.php

    Info About ZB Block Here: http://www.spambotsecurity.com/zbblock.php

    Zap

    P.S. 0.4.5 is named Jedi Potato for all the hard work Spudz put into it getting Joomla and Wordpress compatibility working.

  2. #2
    Mike-XS's Avatar
    Mike-XS is offline XeroAgent
    Join Date
    Sep 2009
    Location
    OZ
    Posts
    209
    Thanks
    30
    Thanked 109 Times in 71 Posts
    Hi Zaphod, thanks for the update. Keep up the good work.

Similar Threads

  1. RSS Parser
    By Andy101 in forum Programming
    Replies: 1
    Last Post: 12 October, 2010, 15:56 PM
  2. Replies: 0
    Last Post: 19 April, 2010, 08:57 AM
  3. [MyBB] - MyBB 1.4.12 Released – Security & Maintenance Update
    By StephenM in forum Community Software
    Replies: 0
    Last Post: 13 April, 2010, 03:37 AM
  4. [WTS] PHP Security Audit (by a PHP Security Expert)
    By SeriousBiz in forum Services
    Replies: 0
    Last Post: 2 August, 2009, 08:12 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •