<<< Date Index >>>     <<< Thread Index >>>

Re: UPDATE vBulletin Version 3.5.4 exploit



If you have the CAPTCHA enabled then the registrations won?t even go through. 
This can be enabled via the Admin Control Panel. It's not enabled by default 
due to extra module requirements in PHP.

The option for CAPTCHA exists in all versions of vBulletin and the majority of 
customers enable it almost immediately.

Though if you are talking about the flood being allowed in the first place then 
surely this is something that should be handled at the server level by modules 
such as mod_evasive.

Scott MacVicar
Development Team, vBulletin