nukeSEO.com - PHPNuke SEO Search engine optimization, professional tools including nukeSEO, nukeSPAM, nukeFEED, nukePIE, nukeWYSIWYG and more

 

. Welcome to nukeSEO.com  ! 
.
.
.


.
. . .
 Coming soon: nukeERROR (tm) 
.
.
nukeERROR (tm)

Problem

Site error logs showed multiple attempts to find certain files (e.g. profile.php, wp-content) that were known to be vulernable, and yet were never in use on the impacted site. This was clearly a bot looking to identify sites that could be compromised.

Solution

A 404 page script could unobtrusively block bad bots don't respect robots.txt directives and bots / scanners looking for know vulnerabilities. Basically, it would include a list of files checked by bad bots (not including files used by RavenNuke, for example). It would not rely on potentially-spoofed user agents or IP addresses.

Announcing nukeERROR™, featuring ZB Block, to provide several features for any website that supports PHP, including, but not limited to, PHP-Nuke and RavenNuke-based sites.  nukeERROR™ planned features include:

  • 404 page integration with ZB Block and a custom signature to detect and block vulnerability scanners
  • File-based configuration and logging to reduce resources (compared with database access)
  • Configurable use of Internet Storm Center (ISC) Collaborative 404 reporting (not currently working)
  • Configurable delay to reduce impact of mass attacks (currently fixed)
  • Configurable template, including samples (planned), supporting 403, 404, 405, 408, 500, 502 and 504 error pages with a configurable, single-language message
  • Configurable use of Google Webmaster Tools 404 page search (also depends upon template

If you're interested in participating in a Beta test or have comments or suggestions regarding nukeERROR™, please provide them here.



 
.
. Posted on Monday, December 29, 2014 @ 23:50:27 CST by kguske   .
.
 
click Related        click Rate This        click Share

Sorry, Comments are not available for this article.


Page Generation: 0.02 Seconds