Hey all,
We're releasing vBSecurity v2.0.0 in order to overhaul the modification to improve performance, as well as adding a multitude of new features.
The "Security Watchers" system has been completely rebuilt in order to improve performance. Prior to v2, all the historical data was being loaded more frequently than needed, due to the storage mechanism used. This has now been amended, and the result is a much speedier experience for you an your users.
Further to improving performance, we've added options of pruning old entries from the adminstrikes, loginstrikes and ipverify tables. The data in these tables is usually not relevant after a certain time period, so by default it prunes data older than 30 days. If you'd prefer, you can disable the pruning entirely using the vBulletin Options for this mod.
We've also expanded upon the "Watcher Actions" system. You are now able to define more than two actions per watcher, by simply saving the existing configuration then loading the page again. The priority order used is the order in which the actions are defined, so plan accordingly.
Two new Security Watchers have been added, "Failed Logins: Non-Existent Usernames" and "Failed Mass Logins: Non-Existent Usernames". These watchers specifically deal with login attempts against usernames that don't exist in your database, letting you target people that are most likely running some form of bot or automated script to attempt to brute force an account.
Related to these new watchers, we have added a new detection mechanism for logins that happen after the user has failed one or more login attempts. An alert will be sent to the "Webmaster Email" with the IP address of the potentially malicious user, as well as the user name they logged in with. This will let you search the logs for further information so you can take the appropriate action.
Lastly, we've added a searchable log to display the IP addresses that are being banned by vBSecurity. This will not be retroactive, but any future IP bans will be logged correctly.
If you like the product you can show your support by nominating it for mod of the month here: vBSecurity v1 (vB4) - vBulletin.org Forum or here vBSecurity v1 [AJAX] (vB3) - vBulletin.org Forum, and also please rate it to help cancel out the users who 1 star our mods.
Complete Change Log
vBSecurity v2.0.0
New Features:
(Pro) New Security Watcher: "Failed Logins: Non-Existent Usernames"
(Pro) New Security Watcher: "Failed Mass Logins: Non-Existent Usernames"
(Pro) Compromised Accounts Detection
(Pro) IP Ban Log Viewer
Multiple Watcher Actions
Log Pruning
Changes To Existing Features:
Security Watcher Log
As always, thank you for your continued support
Discuss this news here.
We're releasing vBSecurity v2.0.0 in order to overhaul the modification to improve performance, as well as adding a multitude of new features.
The "Security Watchers" system has been completely rebuilt in order to improve performance. Prior to v2, all the historical data was being loaded more frequently than needed, due to the storage mechanism used. This has now been amended, and the result is a much speedier experience for you an your users.
Further to improving performance, we've added options of pruning old entries from the adminstrikes, loginstrikes and ipverify tables. The data in these tables is usually not relevant after a certain time period, so by default it prunes data older than 30 days. If you'd prefer, you can disable the pruning entirely using the vBulletin Options for this mod.
We've also expanded upon the "Watcher Actions" system. You are now able to define more than two actions per watcher, by simply saving the existing configuration then loading the page again. The priority order used is the order in which the actions are defined, so plan accordingly.
Two new Security Watchers have been added, "Failed Logins: Non-Existent Usernames" and "Failed Mass Logins: Non-Existent Usernames". These watchers specifically deal with login attempts against usernames that don't exist in your database, letting you target people that are most likely running some form of bot or automated script to attempt to brute force an account.
Related to these new watchers, we have added a new detection mechanism for logins that happen after the user has failed one or more login attempts. An alert will be sent to the "Webmaster Email" with the IP address of the potentially malicious user, as well as the user name they logged in with. This will let you search the logs for further information so you can take the appropriate action.
Lastly, we've added a searchable log to display the IP addresses that are being banned by vBSecurity. This will not be retroactive, but any future IP bans will be logged correctly.
If you like the product you can show your support by nominating it for mod of the month here: vBSecurity v1 (vB4) - vBulletin.org Forum or here vBSecurity v1 [AJAX] (vB3) - vBulletin.org Forum, and also please rate it to help cancel out the users who 1 star our mods.
Complete Change Log
vBSecurity v2.0.0
New Features:
(Pro) New Security Watcher: "Failed Logins: Non-Existent Usernames"
- Checks for logins against a single username that doesn't exist
- Lets you take separate action towards bots trying to login with stolen user credentials that don't exist on your site
- Integrates into the existing "Logins" watcher group
(Pro) New Security Watcher: "Failed Mass Logins: Non-Existent Usernames"
- Checks for logins against multiple usernames that don't exist
- Lets you take separate action towards bots trying to login with stolen user credentials that don't exist on your site
- Integrates into the existing "Logins" watcher group
(Pro) Compromised Accounts Detection
- Alerts the webmaster if someone has failed multiple logins and then successfully logs in to an account
- Lets you search the logs for the IP address in question to determine whether this is legitimate
(Pro) IP Ban Log Viewer
- Browsable and searchable log of all banned IP addresses (from the point of installing v2)
- Lets you ensure no legitimate members are banned
Multiple Watcher Actions
- Define more than 2 actions per watcher
- Prioritised in the order they are defined
- Gives you even more fine-tuned control over the actions taken against potential intruders
Log Pruning
- Old entries from the adminstrikes, loginstrikes and ipverify tables can be automatically pruned
- Settable in the vBulletin Options
- Defaults to pruning data older than 30 days
Changes To Existing Features:
Security Watcher Log
- Rewritten to improve performance
- Uses a dedicated log table instead of using the datastore
As always, thank you for your continued support
Discuss this news here.
