[Guide] Making, Secure, Populate your MU Online Server
- Thread starter OmaRuCat
- Start date
mi7aka
Well-Known Member
- Joined
- Oct 31, 2009
- Messages
- 739
- Reaction score
- 297
Code:
<?
session_start();
header("Cache-control: private");
ob_start();
require("config.php");
include("includes/functions.php");
include ("ctracker.php");
include ("safesql.class.php");
include("class.floodblocker.php");
include ("anti-inject-base64.php");
include("flood/gate.php");
include("tweety.php");
magic();
htmlspecialchars($_REQUEST);
include("includes/functions.login.php");
include("includes/functions.user.php");
login();
logincheck();
admincheck();
logoutadmin();
check_user();
check_user_admin();
$queryString = strtolower($_SERVER['QUERY_STRING']);
if (strstr($queryString,"<") OR strstr($queryString,">") OR strstr($queryString,"(") OR strstr($queryString,")") OR
strstr($queryString,"..") OR
strstr($queryString,"%") OR
strstr($queryString,"*") OR
strstr($queryString,"+") OR
strstr($queryString,"!") OR
strstr($queryString,"@")) {
$loc = $_SERVER['PHP_SELF'];
$ip = $_SERVER['REMOTE_ADDR'];
$date = date ("d-m-Y @ h:i");
$lfh = "log.txt";
$lfh = "logove.php";
$log = fopen ( $lfh,"a+" );
fputs ($log, "Attack Date: $date | Attacker IP: $ip | QueryString: $loc?=$queryString\n");
fclose($log);
echo "You think you can hack me? Now You will eat the BANN!!";
}
language();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<meta name="keywords" content="muonline, mu, muo, ovia, game, mmorpg, rpg, online, server, BgZoneMu, BgZoneMu , muserver 99b, muserver, MuOnline 97d, bgzonemu.com, bgzone, NakazaTeLq, Top mu">
<script type="text/javascript" src="includes/overlib.js"></script>
<script type="text/javascript" src="includes/helptip.js"></script>
<script language="JavaScript" type="text/javascript">
<!--
//Disable right click script III- By Renigade ([email protected])
//For full source code, visit http://www.dynamicdrive.com
var message="";
///////////////////////////////////
function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById&&!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
document.oncontextmenu=new Function("return false")
// -->
</script>
<link rel="stylesheet" href="images/css.css" type="text/css" media="screen">
<link href="images/style.css" rel="stylesheet" type="text/css">
<title>BgZoneMu</title>
</head>
<body text="red" style="background-color: #000000;">
<table width="964" border="0" cellpadding="0" cellspacing="0" align="center">
<tr><td>
<img src="images/logo1.png" width="100%" height="200" alt="">
</td></tr>
</table>
ludaka
New Member
- Joined
- Dec 10, 2008
- Messages
- 387
- Reaction score
- 112
и т.н.....Code:<? session_start(); header("Cache-control: private"); ob_start(); require("config.php"); include("includes/functions.php"); include ("ctracker.php"); include ("safesql.class.php"); include("class.floodblocker.php"); include ("anti-inject-base64.php"); include("flood/gate.php"); include("tweety.php"); magic(); htmlspecialchars($_REQUEST); include("includes/functions.login.php"); include("includes/functions.user.php"); login(); logincheck(); admincheck(); logoutadmin(); check_user(); check_user_admin(); $queryString = strtolower($_SERVER['QUERY_STRING']); if (strstr($queryString,"<") OR strstr($queryString,">") OR strstr($queryString,"(") OR strstr($queryString,")") OR strstr($queryString,"..") OR strstr($queryString,"%") OR strstr($queryString,"*") OR strstr($queryString,"+") OR strstr($queryString,"!") OR strstr($queryString,"@")) { $loc = $_SERVER['PHP_SELF']; $ip = $_SERVER['REMOTE_ADDR']; $date = date ("d-m-Y @ h:i"); $lfh = "log.txt"; $lfh = "logove.php"; $log = fopen ( $lfh,"a+" ); fputs ($log, "Attack Date: $date | Attacker IP: $ip | QueryString: $loc?=$queryString\n"); fclose($log); echo "You think you can hack me? Now You will eat the BANN!!"; } language(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> <meta name="keywords" content="muonline, mu, muo, ovia, game, mmorpg, rpg, online, server, BgZoneMu, BgZoneMu , muserver 99b, muserver, MuOnline 97d, bgzonemu.com, bgzone, NakazaTeLq, Top mu"> <script type="text/javascript" src="includes/overlib.js"></script> <script type="text/javascript" src="includes/helptip.js"></script> <script language="JavaScript" type="text/javascript"> <!-- //Disable right click script III- By Renigade ([email protected]) //For full source code, visit http://www.dynamicdrive.com var message=""; /////////////////////////////////// function clickIE() {if (document.all) {(message);return false;}} function clickNS(e) {if (document.layers||(document.getElementById&&!document.all)) { if (e.which==2||e.which==3) {(message);return false;}}} if (document.layers) {document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;} else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;} document.oncontextmenu=new Function("return false") // --> </script> <link rel="stylesheet" href="images/css.css" type="text/css" media="screen"> <link href="images/style.css" rel="stylesheet" type="text/css"> <title>BgZoneMu</title> </head> <body text="red" style="background-color: #000000;"> <table width="964" border="0" cellpadding="0" cellspacing="0" align="center"> <tr><td> <img src="images/logo1.png" width="100%" height="200" alt=""> </td></tr> </table>
DevilMu Web.... Иначе темата си е супер!
MaZaRa7
New Member
- Joined
- Apr 27, 2010
- Messages
- 251
- Reaction score
- 22
Стъпка 3 :
Как да популялизираме нашият Web Site ?!?!? :
Като за начало може да го добавите тука : /7/
и в други подобни форуми
Например Mu Online top 100 - Private servers, free servers, Guides, Guilds в него има безплатна услуга чрез която след като се регистрирате и ъпдейтните вашето сървър инфо получавате 7 дни безплатно ГОЛД МЕМБЕР !!!
Немисля,че това е начина за популялизиране на даден сайт или сървър
9/10 !! Thanks
Как да популялизираме нашият Web Site ?!?!? :
Като за начало може да го добавите тука : /7/
и в други подобни форуми
Например Mu Online top 100 - Private servers, free servers, Guides, Guilds в него има безплатна услуга чрез която след като се регистрирате и ъпдейтните вашето сървър инфо получавате 7 дни безплатно ГОЛД МЕМБЕР !!!
Немисля,че това е начина за популялизиране на даден сайт или сървър
9/10 !! Thanks
10/10, Great Omaru, but some modules are missing from the security folder..
web_modules.php
clean_var.php
login.class.php
scripts/index.inc
and most of the link's are broken, but the most important file is still alive
web_modules.php
clean_var.php
login.class.php
scripts/index.inc
and most of the link's are broken, but the most important file is still alive
Please help me
In some versions of Apache not have it included .
Better use mod_dosevasive .
Angerfist12345
New Member
- Joined
- Feb 20, 2010
- Messages
- 142
- Reaction score
- 16
You need to put it in : apache/modules/
After that to edit : apache/conf/httpd.conf
And to add :
after all LoadModule :
LoadModule dosevasive22_module modules/mod_dosevasive22.so
In bottom of file :
DOSHashTableSize 3097
DOSPageCount 35
DOSSiteCount 70
DOSPageInterval 30
DOSSiteInterval 30
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSWhitelist 127.0.0.*
DOSWhitelist 127.0.*.*
After that to edit : apache/conf/httpd.conf
And to add :
after all LoadModule :
LoadModule dosevasive22_module modules/mod_dosevasive22.so
In bottom of file :
DOSHashTableSize 3097
DOSPageCount 35
DOSSiteCount 70
DOSPageInterval 30
DOSSiteInterval 30
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSWhitelist 127.0.0.*
DOSWhitelist 127.0.*.*
who can reupload this:
За повече защита ви предлагам да си изтеглите и mod_security на Apache 2
Download : http://4storing.com/y22u7r/1d12fc990...f83bca1bd.html
Как да го инсталираме ?!?!? :
Отворете xampp/apache/conf/httpd.conf
Допълнете на последните редове :
LoadModule security2_module modules/mod_security2/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
SecRuleEngine On
SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
SecAuditEngine RelevantOnly
SecAuditLogType Serial
SecAuditLog logs/mod_security2.log
SecRule ARGS "c:/" t:normalisePathWin
SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'"
SecRule ARGS "d:/" t:normalisePathWin
SecRule ARGS:highlight "(\x27|%27|\x2527|%2527)"
За повече защита ви предлагам да си изтеглите и mod_security на Apache 2
Download : http://4storing.com/y22u7r/1d12fc990...f83bca1bd.html
Как да го инсталираме ?!?!? :
Отворете xampp/apache/conf/httpd.conf
Допълнете на последните редове :
LoadModule security2_module modules/mod_security2/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
SecRuleEngine On
SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
SecAuditEngine RelevantOnly
SecAuditLogType Serial
SecAuditLog logs/mod_security2.log
SecRule ARGS "c:/" t:normalisePathWin
SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'"
SecRule ARGS "d:/" t:normalisePathWin
SecRule ARGS:highlight "(\x27|%27|\x2527|%2527)"
