[xlang:en]
= SUMMARY =

Xoops Protector is a module to defend XOOPS2 from various and malicious attacks.

This module can protect a various kind of attacks like:

- DoS
- Bad Crawlers (like bots collecting e-mails...)
- SQL Injection
- XSS (Just only a little kind of ...)
- System globals pollution
- Session hi-jacking
- Null-bytes
- Wrong file path specifications
- Some kind of CSRF (fatal in XOOPS <= 2.0.9.2)
- Brute Force

Xoops Protector defends you XOOPS from these attacks, and it records into its log. 

Of course, all vulnerablities can't be prevented.
Be not overconfident, please.

However, I [color=ff0000][b]strongly[/b][/color] recommend installing this module to all XOOPS sites with any versions.



= RELATION to AntiDoS-P =

The antecedent of Xoops Protector was AntiDoS-P.

Since all functions of AntiDoS-P has been succeeded in Xoops Protector, you'd better to uninstall AntiDoS-P.



= USAGE =

Please install it as well as a usual module. 

After Xoops Protector is installed, edit your mainfile.php like this:
[code]
	define('XOOPS_GROUP_ADMIN', '1');
	define('XOOPS_GROUP_USERS', '2');
	define('XOOPS_GROUP_ANONYMOUS', '3');

	[color=ff0000]include( XOOPS_ROOT_PATH . '/modules/protector/include/precheck.inc.php' ) ;[/color]
	if (!isset($xoopsOption['nocommon']) [color=0000ff]&& XOOPS_ROOT_PATH != ''[/color] ) {
		include XOOPS_ROOT_PATH."/include/common.php";
	}
	[color=ff0000]include( XOOPS_ROOT_PATH . '/modules/protector/include/postcheck.inc.php' ) ;[/color]
[/code]
If the blue colored part is different from your mainfile.php, don't mind it.

Both pre-check and post-check are needed.

When you turn this on, you have to check if your IP is included in
"Enter IP addresses that should be banned from the site".

If unfortunately you as an administrator are banned by some unexpected erros, you can directly access

http://(your xoops)/modules/protector/admin/rescue.php

but be sure to set the password in preferences of XoopsProtector in advance.


An option "DENY by .htaccess" is added on version 2.34.
If you try this option, set writable XOOPS_ROOT_PATH/.htaccess
Before installing this, you should compare it to the security risks which .htaccess is writable.



= THANKS =
 - Kikuchi  (Traditional Chinese language files)
 - Marcelo Yuji Himoro (Brazilian Portuguese and Spanish language files)
 - HMN (French language files)
 - Defkon1 (Italian language files)
 - Dirk Louwers (Dutch language files)
 - Rene (German language files)
 - kokko (Finnish language files)
 - Tomasz (Polski language files)
 - Sergey (Russian language files)

Moreover, I thank to JM2 and minahito -zx team- about having taught me kindly.
You are very great programmers!



p.s.

If you've created or modified language files for this module, contact to me.
I will register it in Protector archive.


[/xlang:en][xlang:ja]

׻

Xoops Protector ϡXOOPS2 ͡ʰդ빶⤫뤿Υ⥸塼Ǥ

Υ⥸塼Ǥϡʲιɤޤ

- DoS
- դ륯顼ʥ᡼ܥåȤʤɡ
- SQL Injection
- XSS ʤȤäƤ⡢ΥѥǤ...
- ƥ॰Хѿ
- åϥå
- ̥Хȹ
- ǥ쥯ȥ̤
- ĤδCSRF (XOOPS 2.0.9.2ʲ¸ߤ)
- Brute Force ʥѥ

ι⤫餢ʤXOOPSꡢ˵Ͽޤ

Υ⥸塼ϤޤǡŪɸ椷Ԥޤ
3rdѡƥ⥸塼˸褦ʷΰɤ뤫⤷ޤ󤬡٤ƤηɤΤǤϤʤ΅϶ʪǤ

θ³ϾΤξǡ٤ƤXOOPS桼Фơ󥹥ȡ[color=ff0000][b][/b][/color]ᤷޤ



AntiDoS-P Ȥδط

Υ⥸塼ȤϡAntiDoS-P Ȥ̾ǤǤDoSкǤϤʤʤäƤ뤳ȡɤŪ˽ľȤ顢 Xoops Protector ̾դƤޤ

ޤ⥸塼ȤƤΩƤޤAntiDoS-P εǽϤ٤ Xoops Protector ѤǤޤΤǡAntiDoS-P ϥ󥤥󥹥ȡʤ뤳Ȥ򤪤ᤷޤ



ˡ

̾Υ⥸塼Ʊͤ˥󥹥ȡ뤷Ʋ

ǤϤޤäưƤޤΤǡmainfile.php ƤӽФ褦ˤ뤳Ȥɬ׾Ǥ

Xoops Protector 򥤥󥹥ȡ塢ȤXOOPS mainfile.php ΰֲΤ
[code]
	define('XOOPS_GROUP_ADMIN', '1');
	define('XOOPS_GROUP_USERS', '2');
	define('XOOPS_GROUP_ANONYMOUS', '3');

	[color=ff0000]include( XOOPS_ROOT_PATH . '/modules/protector/include/precheck.inc.php' ) ;[/color]
	if (!isset($xoopsOption['nocommon']) [color=0000ff]&& XOOPS_ROOT_PATH != ''[/color] ) {
		include XOOPS_ROOT_PATH."/include/common.php";
	}
	[color=ff0000]include( XOOPS_ROOT_PATH . '/modules/protector/include/postcheck.inc.php' ) ;[/color]
[/code]
ȡɲäƲ

Ŀʬϡǽ˥󥹥ȡ뤷ΥСˤäưۤʤޤäƤƤⵤˤʤƷ빽Ǥ

դ빶ԤäƤ褦IP򺣸³Ūӽ뤿ˤϡ
֥ƥ->ְ->ְ->IPݡ
ONˤɬפޤ

̾ϡΥ⥸塼򥤥󥹥ȡ뤹ǡONˤʤޤ󥹥ȡ뤷ƤOFFΤޤޤä硢εIPˡȤΥ饤ȥޥ󤬺ܤäƤޤäƤǽޤ

IPݡפѰդONˤˡȤΥ饤ȥޥIP򡢵IPäƲ

⤷ʤ餫ͳǡʬȤIPݥꥹȤ˺ܤäƤޤä硢

http://(your xoops)/modules/protector/admin/rescue.php

˥ơProtectorΰǻꤷѥɤϤ뤳ȤǡŪˡIPݵǽOFFˤǤޤ

餫ᤳΥѥɤꤷƤʤȡΥ쥹塼ǽ̵ˤʤޤΤǡղ

2.34顢¸Ūˡ.htaccessˤDoSɸȤץɲäޤѤ硢XOOPS_ROOT_PATHˤ.htaccessǽȤɬפޤƳݤˤϡ.htaccessե뤬ǽǤ롢ȤꥹӤƲ


ռ
 - Kikuchi (ե)
 - Marcelo Yuji Himoro (֥饸Υݥȥ졦ڥե)
 - HMN (ե󥹸ե)
 - Defkon1 (ꥢե)
 - Dirk Louwers (ե)
 - Rene (ɥĸե)
 - kokko (եɸե)
 - Tomasz (ݡɸե)
 - Sergey (ե)

ޤΥ⥸塼ˤꡢ͡ʤƳڥ򤤤zxγ͡Ȥ櫓JM2minahitoˡ괶դޤ



[/xlang:ja]

------------------------------------------------------------

GIJ=CHECKMATE <gij@peak.ne.jp>   aka GIJOE in jp.xoops.org
2004,2005

PEAK XOOPS  http://www.peak.ne.jp/xoops/

