6
I got help from the person who actually build up HNN (heathernova.net) in the past and hosted it on his server. A very experienced guy.
So we analyzed lots of log files, looking what kind of attacks they are and finally build up IP tables to reject any of those requests and attacks to the server, starting from disabling unnessary tools and services to blocking IP addresses that tried to attack.
So since two days heathernova.net is quite stable!
Installing the Protector Module didn't yet work like explained in the manual unfortunatelly. We will try to install.
Looking at the description of the tool, it is so much necessary to protect Xoops! I am a bit concerned of the problems that could happen.
Quote:
Xoops Protector is a module to defend XOOPS2 from various and malicious attacks.
This module can protect a various kind of attacks like:
- DoS
- Bad Crawlers (like bots collecting e-mails...)
- SQL Injection
- XSS (not all though)
- System globals pollution
- Session hi-jacking
- Null-bytes
- Directory Traversal
- Some kind of CSRF (fatal in XOOPS <= 2.0.9.2)
- Brute Force
- Camouflaged Image File Uploading (== IE Content-Type XSS)
- Executable File Uploading Attack
- XMLRPC's eval() and SQL Injection Attacks
- SPAMs for comment, trackback etc.
Xoops Protector defends you XOOPS from these attacks, and it records into its log.
Of course, all vulnerablities can't be prevented.
Be not overconfident, please.
However, I strongly recommend installing this module to all XOOPS sites with any versions.
