Has anybody here ever been using ZB Block on a xoops installation?

ZB Block

If yes, in which files and were did you place the "hook"?

Finally ... I managed to get it working and this thing is a blessing. I had huge issues with brute force login attemps and refresh spamming bots, than they are all gone. After tweaking the configuration file a little bit it's just great.

I would love to see this implemented into Xoops core!

Quote:
Please share what was required to make it work...

Quote:
Normally, Protector should take care of it, but if I remember correctly, you didn't use Protector due to some conflicts with your other software, right?

I didn't look deep enough into it, but it seems like there an overlap with Protector...

Maybe some of the experts could take a look into these two and see if we can incorporate some of the ZB Block features into the Protector that are currently not there...

I am hopefully completing a major project for one of my classes today which will leave me some time. I will only have one more major project but it won't be due until 2nd week in December.

At this time Richard is getting very efficient at converting to Doctrine so I am devoting my spare time to securing Xoops.

I am starting with Profile to get it locked down and secured (Not going to be a simple project but not too bad) and I will be looking at improving Protector. It would make sense to incorporate this in some way as well.

When I look into this I will be interested in any other security scripts that are available. Or sites that have blacklists etc. I know of Xortify as one of them out there but I would be interested in any others as well.

Rodney

Quote:

In order to make it work, the only things I had to do was installing it with the right permissions. I couldn't find all the perfectly appropriate descriptions in the manual and after untraing the file directly on the server via tar -xvzf command all the files that needed to be writable were writable.

After that you simply have to run a setup script, which is absolute piece of cake. Once that is done, you get the so called "hook", which is basically a line of PHP code, you can then throw into mainfile.php, right before the first php-tag opens. It's important that there is no space inbetween "><"

Once that is done the script is up and running.

After that I noticed, that it's really restrictive, since quite a few ISP's around the globe are simply locked out. Which led me to deleting all the lines in signatures.inc which had $hoster in it. Once that was done I got no more complaints from visitors, that they get a 404 or 503.