= SUMMARY =
Xoops Protector is a module to defend XOOPS2 from various and malicious attacks.
This module can protect four kind of attacks like:
- DoS
- SQL Injection
- XSS
- System global variable pollution
Xoops Protector defends you XOOPS from these attacks, and it records into its log.
Of course, all vulnerablities can't be prevented.
Be not overconfident, please.
However, I
strongly recommend installing this module to all XOOPS sites with any versions.
= RELATION to AntiDoS-P =
The antecedent of Xoops Protector was AntiDoS-P.
Since all functions of AntiDoS-P has been succeeded in Xoops Protector, you'd better to uninstall AntiDoS-P.
= USAGE =
Please install it as well as a usual module.
Turn "Protector block" on and put the block top of left side by blocks admin.
Turn the block's permission on to all groups by groups admin.
You can do that easily by using Blocks&Groups Admin of Protector.
I strongly recommend calling this module from mainfile.php also.
After Xoops Protector is installed, edit your mainfile.php like this:
define('XOOPS_GROUP_ADMIN', '1');
define('XOOPS_GROUP_USERS', '2');
define('XOOPS_GROUP_ANONYMOUS', '3');
include( XOOPS_ROOT_PATH . '/modules/protector/include/precheck.inc.php' ) ;
if (!isset($xoopsOption['nocommon'])) {
include XOOPS_ROOT_PATH."/inc";
}
Insert a line just before the line of
if (!isset($xoopsOption['nocommon'])) {
Both pre-check and block-check are needed.
When you turn this on, you have to check if your IP is included in
"Enter IP addresses that should be banned from the site".
Unfortunately you are banned by some troubles, access
http://(your xoops)/modules/protector/admin/rescue.php
Beforehand to use this feature, you have to set the password in preferences of XoopsProtector.