Question vBSecurity 1.1.1 flood of config.php variable tampering

Not open for further replies.
Forum version
vBulletin 4.2.x
I am receiving many emails almost on the minute-


vBSecurity has detected a security alert regarding config.php Variable Tampering:
$vbulletin->config['Misc']['admincpdir'] changed from 'admincp' to ''
$vbulletin->config['Misc']['modcpdir'] changed from 'modcp' to ''
$vbulletin->config['Misc']['admincpdir'] changed from 'admincp' to ''
$vbulletin->config['Misc']['modcpdir'] changed from 'modcp' to ''
$vbulletin->config['Datastore']['prefix'] is new: NULL

The actions you have configured in the Security Center have been taken.

Please log in to your AdminCP and the Security Center: for guidelines on how to correct the issue.

vBSecurity - vBulletin Security
I am using a mod ,

Template Modification System 1.2.0 Beta 4 Patch Level 1 This Modification allows automatic managament of Template-Modifications

Maybe it is conflicting? Maybe it's dbSEO?, which I have just purchased the Pro version.

I am receiving these emails when no live human should be accessing the admincp. Lately it has been just me and when I'm offline I am getting these alerts.

Also, because the links are being rewritten I cannot easily read them, but could go to the admincp.


Staff member
You appear to be using a mod that converts the config.php variables to absolute URLs rather than relative folders.

I recommend trying to disable your mods one-by-one until the flood stops, to figure out which one it is. Many areas of vB rely on the admincpdir and modcpdir variables remaining as folder names.
Not open for further replies.


vBulletin 3.8.x vBulletin 4.x.x
DragonByte Technologies
Release date
Last update
Total downloads
Customer rating
0.00 star(s) 0 ratings