Question vBSecurity and config.php

Status
Not open for further replies.
AAMT

AAMT

New member
hi
is there a way to change the configuration of vbsecurity to look for example.php insted of config.php in Variable Tampering?

in other words, I changed include/config.php to include/example.php ... and when I install Vbsecurity and configure it

I received a message " Security Alert: config.php Variable Tampering Detected!" while "config.php" is not the real config file it is a fake.
 
You can change /dbtech/vbsecurity/hooks/global_complete.php to look for your new config.php file instead :)
 
vBSecurity is already compliant with those changes, as it fetches the new "admincpdir" and "modcpdir" from config.php.

If you've found cases where this is not true, please let me know and I will fix it A.S.A.P. :)
 
Got this message !

Greetings,

vBSecurity has detected a security alert regarding config.php Variable Tampering:
$vbulletin->config['Misc']['admincpdir'] changed from 'examplecp' to 'http://www.*****.com/vb/examplecp'
$vbulletin->config['Misc']['modcpdir'] changed from 'example2cp' to 'http://www.*****.com/vb/example2cp'
$vbulletin->config['Misc']['admincpdir'] changed from 'examplecp' to ''http://www.*****.com/vb/examplecp'
$vbulletin->config['Misc']['modcpdir'] changed from 'example2cp' to 'http://www.*****.com/vb/example2cp'

The actions you have configured in the Security Center have been taken.
Click to expand...

Any idea please ?
 
Somewhere along the line, one of your other installed mods alter the variable. vBSecurity is correct to report it :)

Most likely it's vBAdvanced or some other mod that runs its files outside the normal confines of vBulletin, so they update the variable in order to make it work with less effort.

I'd recommend disabling all other addons, resetting the watchers, and then seeing if the message still appears.
 
Status
Not open for further replies.

Similar threads

H
  • Locked
  • Suggestion Suggestion
Legacy Tampering Detected
Replies
0
Views
1K
highlander
H
R
  • Locked
  • Support ticket Support ticket
Question Failed emails gets re-added to the queue, resulting in a huge queue
Replies
4
Views
2K
DragonByte Technologies
DragonByte Technologies
Cheyenne
  • Locked
  • Support ticket Support ticket
Question Confusing Update
Tags Tags
called directory folder inside update
Replies
2
Views
1K
Cheyenne
Cheyenne
DragonByte Technologies
Add-on DragonByte Shop 6.1.0rc1 [XenForo]
Replies
0
Views
5K
DragonByte Technologies
DragonByte Technologies
Nirjonadda
  • Locked
  • Support ticket Support ticket
Bug Cannot View Option setting
Replies
4
Views
536
Fillip H.
Fillip H.

Legacy vBSecurity

vBulletin 3.8.x vBulletin 4.x.x
Seller
DragonByte Technologies
Release date
Last update
Total downloads
816
Customer rating
0.00 star(s) 0 ratings
Back
Top