Bug False alerts involving config.php file

Status
Not open for further replies.
Iggy

Iggy

New member
I keep receiving false alerts regarding the config.php file being tampered with, also the link at the bottom in these false alert emails isn't correct.

Greetings,

vBSecurity has detected a security alert regarding config.php Variable Tampering:
$vbulletin->config['Misc']['admincpdir'] changed from 'admincp' to
'http://www.rejecthaven.net/4um/admincp'
$vbulletin->config['Misc']['modcpdir'] changed from 'modcp' to
'http://www.rejecthaven.net/4um/srsbsns2'
$vbulletin->config['Misc']['admincpdir'] changed from 'admincp' to
'http://www.rejecthaven.net/4um/modcp'
$vbulletin->config['Misc']['modcpdir'] changed from 'modcp' to
'http://www.rejecthaven.net/4um/modcp'

The actions you have configured in the Security Center have been taken.

Please log in to your AdminCP and the Security Center:
http://www.rejecthaven.net/4um/http...?do=security&action=watchers&category=general
for guidelines on how to correct the issue.
 
Last edited:
Those aren't false alerts. What those alerts do is reload the config.php file and compare it to the $vbulletin->config array, and if that has changed to include http (which is not the correct method of altering that variable) after config.php has loaded it is correct of it to alert you.

vBulletin does not natively change the admincpdir or modcpdir to include HTTP as that would break a multitude of uses for it. That is incidentally also why the link is wrong.

Please look through your plugins for any that may alter the admincpdir and modcpdir variables and disable those plugins.
 
Thanks, I think I found the problem. I turned off vBadvanced CMPS and the alerts stopped. So I enabled it again, and the alerts came back. Now I just have to find exactly where the issue is with vBadvanced.
 
I bet it's due to the way they handle placing the cmps in a different folder to the forum, this seems to conflict with every single mod in existence.

I guess I have to add an exclusion from the alert or something... Ill never be free of their crap...
 
This I believe is the first issue I've had with vBadvanced, that I am aware of anyway. Thanks so much for your time, this addon is great!
 
Status
Not open for further replies.

Similar threads

pcam
  • Locked
  • Support ticket Support ticket
Question vBSecurity 1.1.1 flood of config.php variable tampering
Tags Tags
beta category config.php datastore dbseo disable forum issue live modification mods new php prefix pro ten url variable tampering variables vbsecurity vbulletin version
Replies
1
Views
3K
Fillip H.
Fillip H.
L
  • Locked
  • Support ticket Support ticket
Question Ungent Help Config.php Variable Tampering
Tags Tags
config.php disable help issue link mods php plugins server variable tampering vbsecurity vbulletin
Replies
3
Views
3K
Fillip H.
Fillip H.
AAMT
  • Locked
  • Support ticket Support ticket
Question vBSecurity and config.php
Tags Tags
config.php install mods php update variable tampering vbadvanced vbsecurity vbulletin
Replies
6
Views
4K
Fillip H.
Fillip H.
S
  • Locked
  • Support ticket Support ticket
Question How do I know which alert is real
Tags Tags
admincp config.php forum issue php plugins url variable tampering variables vbsecurity vbulletin
Replies
2
Views
775
stev
S
R
  • Locked
  • Support ticket Support ticket
Bug URL rewriting doesn't work help for config or fix possible bug
Tags Tags
admincp bug dbseo failed forum forums help htaccess html import install no such file open page not found php rules support ten thread update upload url vbadvanced vbseo vbulletin xml
Replies
4
Views
1K
Fillip H.
Fillip H.

Legacy vBSecurity

vBulletin 3.8.x vBulletin 4.x.x
Seller
DragonByte Technologies
Release date
Last update
Total downloads
816
Customer rating
0.00 star(s) 0 ratings
Back
Top