DnP PHP Gateway Firewall

This modification/plugin is obsolete. Use it as your own experiment.


DnP Gateway is an old PHP firewall that was mainly designed to defend our blog The Arts of Martial Arts during a DoS attack about 7 years ago. This firewall can also work as a spam filter because it blocks unknown automated bots by default.

Here are the main features of this plugin:

  • Denies access to unwanted bots.
  • Blocks auto spam and malicious scripts.
  • Reduces flood attack and conserves server resources.
  • Acts as a capture page / intro page for your blog or forum.
  • SEO Friendly – Google has no problem indexing your website.
  • No database required, extremely fast.

Download DnP Gateway v1.4

Note

Even though the DnP Gateway may reduce the damage of a low-level DoS attack, it does not guarantee that all of the effects of an attack could be completely avoided. I do not hold any responsibility for your use of DnP Gateway. There is no software firewall that could be as effective as a hardware firewall.

You are free and encouraged to modify the skin of the Gateway page in dnp_fw_template.php, but please respect the copyrights and leave them intact. Additional templates are also available if you want a different look. DnP Gateway also acts as an intro page for your website if you fill it with rich information about your site. AdSense or other ads could be placed here to maximize your revenue, since every visitor needs to pass the intro page before proceeding.

Installation for vBulletin Forum


Upload all files from package to your forum_root

Open global.php using Notepad.

Why global.php? Because global.php is the core file of the vBulletin system; it is also the initial startup file that runs important database queries and holds sensitive information. The firewall runs before any of those processes to prevent direct damage to the forum. That is why DnP Firewall does not use a hook or come as an automatic plugin like other MODs.

Find

// identify where we are
define('VB_AREA', 'Forum');

Add BEFORE

if(file_exists('dnp_fw.php')){require_once('dnp_fw.php');}

Simply remove this line to deactivate the firewall.

Save and Reupload global.php to your server. Done!

Which Search Engines / Bots are allowed by DnP Gateway?

The list of search engines can be found in the dnp_fw_config.php file. Here is the original code:


//List of Search Engine Agents
$UserAgent = array(
'Googlebot',
'msnbot',
'slurp',
'fast-webcrawler',
'Googlebot-Image',
'teomaagent1',
'directhit',
'lycos',
'ia_archiver',
'gigabot',
'whatuseek',
'Teoma',
'scooter',
'Ask Jeeves',
'slurp@inktomi',
'gzip(gfe) (via translate.google.com)',
'Mediapartners-Google',
'crawler@alexa.com'
);

To permit another search engine, simply add its agent name before:

);

Example:

//List of Search Engine Agents
$UserAgent = array(
'Googlebot',
'msnbot',
'slurp',
'fast-webcrawler',
'Googlebot-Image',
'teomaagent1',
'directhit',
'lycos',
'ia_archiver',
'gigabot',
'whatuseek',
'Teoma',
'scooter',
'Ask Jeeves',
'slurp@inktomi',
'gzip(gfe) (via translate.google.com)',
'Mediapartners-Google',
'crawler@alexa.com',
'new-custome-seach engine'
);
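
An added example, not code from DnP Gateway: the list above is matched against the User-Agent header, which the client supplies, so this example pairs the name match with forward-confirmed reverse DNS before a request is treated as a crawler, which goes beyond what the plugin is described as doing. The case-insensitive substring match, the $CrawlerHosts suffix table, the function names and the sample DNS data are assumptions or constructed for the illustration.

```php
<?php
// Added illustration, not code from dnp_fw.php.
$UserAgent = ['Googlebot', 'msnbot', 'slurp', 'ia_archiver']; // excerpt of the page's list
// Assumption: hostname suffixes the operators publish for their crawlers.
$CrawlerHosts = [
    'Googlebot' => ['.googlebot.com', '.google.com'],
    'msnbot'    => ['.search.msn.com'],
];

// First allowlisted name found in the User-Agent header, or null.
function claimed_agent(string $ua, array $allow): ?string
{
    foreach ($allow as $name) {
        if (stripos($ua, $name) !== false) {
            return $name;
        }
    }
    return null;
}

// Forward-confirmed reverse DNS: the PTR name must end in an expected suffix
// and resolve back to the same IP. Agents with no suffix entry fail closed.
// Resolvers are injected so the sample runs offline; on a live server pass
// 'gethostbyaddr' and 'gethostbynamel'.
function is_verified_crawler(string $ip, string $agent, array $hosts,
                             callable $ptr, callable $fwd): bool
{
    $host = $ptr($ip);
    if (!is_string($host) || $host === $ip) {
        return false; // no PTR record
    }
    $host = strtolower($host);
    foreach ($hosts[$agent] ?? [] as $suffix) {
        if (substr($host, -strlen($suffix)) === $suffix) {
            return in_array($ip, $fwd($host) ?: [], true);
        }
    }
    return false;
}

// Constructed DNS data (documentation address ranges) and sample requests.
$ptrTable = ['192.0.2.10' => 'crawl-192-0-2-10.googlebot.com'];
$fwdTable = ['crawl-192-0-2-10.googlebot.com' => ['192.0.2.10']];
$ptr = fn($ip) => $ptrTable[$ip] ?? $ip;
$fwd = fn($h) => $fwdTable[$h] ?? false;
$ua  = 'Mozilla/5.0 (compatible; Googlebot/2.1)';
foreach (['192.0.2.10', '203.0.113.9'] as $ip) {
    $agent = claimed_agent($ua, $UserAgent);
    $ok = $agent !== null && is_verified_crawler($ip, $agent, $CrawlerHosts, $ptr, $fwd);
    echo $ip, ' claims ', $agent, ': ', $ok ? 'verified' : 'not verified', "\n";
}
```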


Sorry, Connection from your IP Address is not allowed!


Sounds like something has gone deadly wrong, doesn’t it? Actually it is just DnP Firewall Gateway being too overprotective of your website.

The reason you see this message is that the request information was sent by an untrusted domain. The firewall compares a connection’s current location to a defined domain list, and if it does not match anything, the firewall treats the request as coming from a foul source. However, this may also happen the first time if you have not properly configured the domain list. You can easily add to or modify this list in the dnp_fw_config.php file.

This is how the domain list section looks in this file:

//Your forum *domain only*
//Define domain with and without www
//Do not add a trailing slash at the end
//Example : 'google.com' , 'www.google.com'
$Forum_domain = array(
'http://',
'http://www.',
);

I highly recommend that all webmasters who are using DnP Gateway set up the domain list for their website. Although it is not mentioned in the installation steps, it is necessary to change the default values to strengthen the firewall.

If your domain name is alphabetical, define both values, with and without www.

Example:


//Your forum *domain only*
//Define domain with and without www
//Do not add a trailing slash at the end
//Example : 'google.com' , 'www.google.com'
$Forum_domain = array(
'http://silveryhat.com',
'http://www.silveryhat.com',
);

If your domain name is an IP address, use only the IP address and do not place www anywhere.
Example:


//Your forum *domain only*
//Define domain with and without www
//Do not add a trailing slash at the end
//Example : 'google.com' , 'www.google.com'
$Forum_domain = array(
'http://255.255.255.0',
);

No trailing slash at the end in any case.
A backup file should always be kept just in case.
Save all changes when you’re done editing and reupload the file to the server.

How to change the DnP Gateway Template?

Open dnp_fw_template.php with Notepad or any Webpage Editor.

1 – For official templates, replace all code in between

#############################################
#    TEMPLATE FOR DnP FIRE WALL PASTE BELOW    #
#############################################  

and

#############################################
#    TEMPLATE FOR DnP FIRE WALL ENDED ABOVE    #
#############################################  

with the Template Code you received from the template topic. Save the file after the changes and reupload it to the server.

2 – For your own custom design template (Advanced)

Simply include this Redirect button anywhere between the body tags of your layout.

<form name=dnp_firewall method=get action=dnp_fw.php>
    <input type=hidden value="ready" name="dnp_firewall_redirect">
    <input type=submit value=" Click here to enter " alt="Click to continue to your destination">
</form>

The entire layout code must also be placed in the variable $Layout:

$Layout = ' your layout code with Redirect button go here ';


Compatibility

This MOD can be used with almost any system that runs PHP. DnP Gateway consumes very few server resources because on the surface, it is just a simple webpage. It does not execute any query, therefore your database will not be affected under any circumstances by this plugin.

History Log

v1.4
Optimize firewall structure
Optimize 2nd-layer protection

v1.3
Add 2nd layer protection
3 more options for 2nd layer protection in config file

Detailed information about DnP Firewall 2nd Layer Protection
Since v1.3, DnP Firewall has an additional protection besides the Gateway itself. This 2nd layer runs silently in the background, and in common situations visitors may never see it. When an established connection shows signs of flooding, or continuously sends multiple requests within a short period of time, the 2nd layer protection (also called Smart Anti-Flooding, a system inherited from DnP Instant! Musicbox) activates itself.

In the event your website receives an unusually high number of bad requests, the 2nd layer protection kicks in. First it checks the penalty count (tolerance level) to make sure that this client is actually trying to do something bad, so as not to misjudge an innocent guest.

After that, by restricting the client's access to the website, the 2nd layer protection keeps your server from executing any further queries, saving you valuable CPU resources and bandwidth to deal with the attack. By default the error message reads: "Multiple Requests have been directly targeted our forum, as the result the current access is temporarily prohibited for 10 second(s)." The stop page that appears costs you only 170 bytes of bandwidth and zero queries!

There are 3 options in dnp_fw_config.php that you should definitely look at and adapt to your board.

//2nd Layer Flood Protection enable ?
//1 to enable , 2 to disable
$config['dnp_firewall_2nd_layer'] = 1;

As simple as it sounds: whether you want to turn it on or not.

//Amount of time in seconds to show the restriction message if a flooding attack is detected
$config['dnp_firewall_wait_time'] = 10;


The higher the time, the longer the client has to wait if it is considered an attacker.

//Amount of penalty to be considered a Flooding attack.
//Every time multiple requests are sent to the forum in less than a few seconds, the penalty count increases by 1.
$config['dnp_firewall_penalty_allow'] = 3;


Tolerance level: how many times the 2nd layer protection should ignore a client sending constant requests before blocking it.

$config['dnp_firewall_penalty_allow'] = 12;

Advanced
The 2nd layer protection also has one hidden setting that is not shown in the config file. It controls how long to wait before clearing the penalty count. Open dnp_fw.php and find:

if((time() - $_SESSION['dnp_firewall_last_request_timestamp']) > 10 ){

Change 10 to a different number of seconds; once the client has sent no request for that long, the 2nd layer resets the penalty count to 0. E.g.: 3 or 4 seconds would be fine.
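
The 2nd layer logic described above, as an added example that is not the code in dnp_fw.php: a per-session penalty counter that blocks for dnp_firewall_wait_time once the count passes dnp_firewall_penalty_allow and clears after the idle window. The 1-second MIN_INTERVAL, the penalty and blocked_until keys, the function name and the choice to block when the count exceeds (rather than equals) the allowance are assumptions; $state stands in for $_SESSION so the sample runs from the command line.

```php
<?php
// Added illustration, not the code shipped in dnp_fw.php.
$config = [
    'dnp_firewall_2nd_layer'     => 1,  // 1 = enabled, 2 = disabled
    'dnp_firewall_wait_time'     => 10, // seconds a flagged client is held off
    'dnp_firewall_penalty_allow' => 3,  // penalties tolerated before blocking
];
const MIN_INTERVAL = 1;  // assumption: a gap shorter than this earns a penalty
const RESET_AFTER  = 10; // idle seconds that clear the count (hidden setting)

// $state stands in for $_SESSION. Returns 0 if the request may proceed,
// otherwise the number of seconds left on the block.
function second_layer_check(array &$state, array $config, int $now): int
{
    if ($config['dnp_firewall_2nd_layer'] !== 1) {
        return 0;
    }
    if (($state['blocked_until'] ?? 0) > $now) {
        return $state['blocked_until'] - $now; // stop page only, no queries
    }
    $last = $state['dnp_firewall_last_request_timestamp'] ?? null;
    $state['dnp_firewall_last_request_timestamp'] = $now;
    $penalty = $state['penalty'] ?? 0;
    if ($last !== null) {
        $gap = $now - $last;
        if ($gap > RESET_AFTER) {
            $penalty = 0;            // quiet long enough: forgive
        } elseif ($gap < MIN_INTERVAL) {
            $penalty++;              // another rapid request
        }
    }
    $state['penalty'] = $penalty;
    if ($penalty > $config['dnp_firewall_penalty_allow']) {
        $state['penalty'] = 0;
        $state['blocked_until'] = $now + $config['dnp_firewall_wait_time'];
        return $config['dnp_firewall_wait_time'];
    }
    return 0;
}

// Constructed timeline (Unix seconds): a same-second burst, then a quiet client.
$state = [];
foreach ([100, 100, 100, 100, 100, 103, 111, 130] as $t) {
    $left = second_layer_check($state, $config, $t);
    echo $t, ': ', $left > 0 ? "blocked, {$left}s left" : 'allowed', "\n";
}
```

Because the counter lives in the session, it only follows clients that send the session cookie back; a web-server or per-IP rate limit in front of PHP covers the rest.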

v1.2 Beta
Improve Firewall Stability
Add Domain option
Separate config file
