ZB Block, the php security pre-parser and anti-spam script (which uses the StopForumSpam database), has had a new release.

This script is GNU/GPL V2 Freeware, so it is my hope that no one has a problem with it being listed here. If any mods/admin have a problem with this being posted here, please feel free to move or remove it.

In the last 2 releases...

0.4.4 changes:

*Bugfix: Turned off that annoying super debug mode that snuck in, in the last version.

*Bugfix: Bad signature in last installer changed.

*Feature: Added PHP-Nuke registration checker capability.

0.4.5 "Jedi Potato" changes

*Feature: Staged Registration Checker
1.If IP is not found in local bannedips.csv then...
2.Then check live StopForumSpam.com database. If not found there...
3.Then check live hosts-file.net database. If not found there...
4.Then check TOR project.
If found at any stage before 4, the rest of the checks are skipped to speed things up, and save load on other databases.

*Feature: Compatibility Layer File. This file is for touchy signatures that are incompatible with some scripts/fourms/blogs/cmses out there. The the weakest (but still strong) version ships with ZB Block. For more strength, download the one that fits your package from the ZB Block download page. Feel free to request new compatibilty layer files if you need one.

*Feature: Ignore Remote Databases IF IP= OR IP=192.168.x.y for registration. All other blocks still active. This is part of the compatibility layer file so additions/deletions are kept.

*Feature: New HTTP header returns to alert admins of compromised servers that they are being abused by robots/hackers. The new fields are...
a.Warning: 199 <yourhostname>:80 <reason> <yourhostname>
b.Abuse: <reason>
These are output along with the 403 errors, but skipped once the attacker falls into 503 hell. Not supported by many servers, but still a good way if adopted as per RFC 2616 (Warning: 199) and my own "human readable" idea (Abuse: , as Warning: 199 is in such rare use that most admins might be confused), to alert the innocent.

*Change: Default behavior is now to write killed_log.txt to a human readable area, as it causes no security risk, and helps for rapid debugging of problems reported by users.

*Change: Signature files now model numbered internally in comments.

*Change: Appendix added to manual on how to handle compatibility.inc

*Bugfix: Due to some servers not having adequate php execution times, most of the pauses have been removed. You can turn them back up after install in the .ini to suit your taste.


Quite a bit of work went into this, and I am pooped! Remember to update signatures as soon as you get the program installed, as fresh signatures are not "slipstreamed" into the release builds.

Downloads Here: http://www.spambotsecurity.com/zbblock_download.php

Info About ZB Block Here: http://www.spambotsecurity.com/zbblock.php


P.S. 0.4.5 is named Jedi Potato for all the hard work Spudz put into it getting Joomla and Wordpress compatibility working.