You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 312 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Admi Secure 1.4 Released
Add Onsmadman writes "Admin Secure 1.4 released with new illegal html tag blocker function; examining IMG and IFRAME tags from input requests and block the request if these html tags contain invalid url. This also prevent known vulnerability where new admin account can be created throught hidden IMG tag once viewed by site admin. Even Admin Secure use admin account approval mechanism, this addition gives you more protection for another possible exploits such as SQL injection and cookie stealing thru the same method. Another additions are downloadable and uploadable banned IP list file, search IP address from session log, and more.

Features:
- Blocking known PHP-Nuke exploits.
- Prevent fake admin account access through input requests.
- Blocking cross-site scripting in modules.php and index.php files.
- Ensuring admin account session taken from cookie.
- Prevent unauthorized admin account creation, deletion, and modification.
- Compare admin account validity through "mirrored" database table.
- Changes to admin accounts (create, edit, delete) require God admin approval.
- E-mail notification. An alert sent along with additional info.
- Banning system for accessing site and PHP-Nuke modules.
- Log site activities.
- Flood Protection.
- And more.

Changes On This Version:
- Add: HTML tag checker (new PHP-Nuke security issue)
- Add: Downloadable activity log
- Add: Search IP address in activity log
- Add: Downloadable banned IP list
- Add: Uploadable banned IP list
- Update: SQL injection instruction as bb2nuke forum posts will NOT blocked
- Update: Javascript instruction as bb2nuke forum post will NOT blocked
- Update: Nicer blocking messages (I doubt you ever saw them:)
- Update: Exploit blocker now show a message instead redirect to main page
- Fix: Expired ban module not removed if banned person no longer visit your site

Download Link:
http://gp4tweaker.vadertrophy.com/cms/download-file-41.html
(no registration required)

Warning:
File Downloads may fail with connections behind strong firewall (stripping referral header) or download the file using 3rd party download manager such as GetRight, Download Accelerator, etc.

Admin Note: Excellent!"
Posted on Wednesday, March 31 @ 03:17:14 CEST by Daniel-cmw
 
Related Links
· More about Add Ons
· News by Daniel-cmw


Most read story about Add Ons:
Release Msn Block Checker 2.0

Article Rating
Average Score: 4
Votes: 6


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Admi Secure 1.4 Released (Score: 1)
by billybiker on Wednesday, March 31 @ 15:36:27 CEST
(User Info | Send a Message)
This sounds as if it should be incorporated in Nuke proper, however advice needed.

I am running 7.1 with the Chatserve security patch, which means that this release will change his altered main,admin,auth php files.

Help?



Re: Admi Secure 1.4 Released (Score: 1)
by manunkind1 on Thursday, April 01 @ 01:07:49 CEST
(User Info | Send a Message) http://www.pcsympathy.com
I just installed this on my 6.5 and it caused about a 15 second delay when loading pages. Anybody else see this kind of slow down on their site?



Re: Admi Secure 1.4 Released (Score: 1)
by hamesh on Thursday, April 01 @ 03:59:13 CEST
(User Info | Send a Message) http://www.belchfire.net
Awesome, and couldn't be more timely. Where can I send money to foster continued development?


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 1.195 Seconds - 143 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::