For a limited-time, upgrade to +Blizzard for $35 USD and receive the following:

— a free copy of Oblivion Light.
— a free copy of WebFlake Trackers Bundle.
— a free WF Halloween Member Badges (PSD).

You can visit this thread below for more details regarding the original promotion.
CLICK HERE

Contact @Davlin to make a purchase or for questions / comments.

Jump to content
scooterdud

Security for IPB

Recommended Posts

Is there any software to use with IPB to prevent virus/mallware and also SQL injection

Share this post


Link to post
Share on other sites

Hardly that IPS will be easy to sql inject or anything, since they fix those security issues pretty fast. I would more think that would be caused because of some 3rd party addons/plugins that you add.

Share this post


Link to post
Share on other sites
On 11/1/2018 at 4:27 PM, scooterdud said:

Is there any software to use with IPB to prevent virus/mallware and also SQL injection

Nope as normal would not have issue with this platform as any big issues get fixed fast with patches.

Share this post


Link to post
Share on other sites
On 11/1/2018 at 12:27 PM, scooterdud said:

Is there any software to use with IPB to prevent virus/mallware and also SQL injection

Well it depends what type of attacks you are trying to block. You can modify your PHP.ini to block some attacks by changing the values of

allow_url_include = "0"

allow_url_fopen = "0"

Disable Dangerous functions in PHP if you dont need them

disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,shell_exec,proc_open,popen,system,exec,

Also and probably more important is to use open_basedir to block remote attacks on system files, this allows your code to only open files in specific directories protecting sensitive system files.

If using Nginx block scripts from being run in upload directories

        location ~ /gallery/(.+)\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)$ {
           deny all;
        }

        location ~ /uploads/(.+)\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)$ {
           deny all;
        }

        location ~ /downloads/(.+)\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)$ {
           deny all;
        }

        location ~ /files/(.+)\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)$ {
           deny all;
        }

 

There are many other ways to tweak and protect your serer and applications but most importantly keep it updated with the latest security fixes

Edited by PlanetMaster
  • Like 3

Share this post


Link to post
Share on other sites
What do you think? Remember the human.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×