ZB BLOCK CHANGELOG 

0.3.1 Beta 04/07/09

Bugfix: Installer would generate errors trying to delete old installer files, on new install. Checks for old files before attempting delete.

0.3.0 Beta 04/05/09 

INSTALLER! Just load zbblock/setup.php in your browser, follow instructions. YAY! :D

Security Fix: Post data removed from log. Possible password exposure.

Security Fix: Filename removed from log. Possible path structure exposure.

Change: "Forwarding Hell" deprecated and removed. ZB Block is about security, not revenge.

Change: Anti-Flooding pause extended to 25 seconds.

Change: Code cleaned for efficiency.


0.2.0 Beta 02/25/09

New site, new semi-major version!

BugFix: Now can be run several times on the same page, due to accidental includes and such, without throwing an error. Will quickly skip over itself if it has run before.

Feature: Deeper Detections. Now strips the query string down to the base elements. No more cloaking with %## !

Feature/Change: Now throws an authentic 403 with a descriptive error message by default, rather than forwarding hell. Still has a wait to slow some robots down.


0.1.8 Beta 01/07/09 

Sorry, didn't mean to release a new update so soon! 
Necessary because signature file has added "stuff" in it. 
Next update of program (bar hotfixes) will be in Feb. 
(It's beginning to eat my life!) 

Feature: Added ability to check user agent (though I doubt the utility of this due to cloaking). 

Feature: Added ability to check POST data (though I doubt the utility of this due to most skiddy 
scripts don't use POST). 

Feature: Added serial # counter, stored in vault. 

Change : Changed several checks of $_SERVER['HOME'] to a single check that can be replaced by 
a static value, in the case of some odd server packages that alter $_SERVER['HOME']. 
Now stored in $path_to_httproot . Will eventually be loaded from a semi permanent config 
file. 


0.1.7 Beta 12/28/08
Feature: Added score ouptut in case of multiple matches. 

Feature: Now lists all reasons for blocking each attack. 

Feature: Placed signatures in locked /vault/ (with .htaccess and .htpasswd) 

Feature: Added custom signature file in /vault/ so you need not put back in 
your custom blocks each time you update main signatures. 


0.1.6 Beta 11/28/2008
Feature: Added detection of $_SERVER['PATH_INFO'] . 
Allows for smarter detection of (evil) remote file includes. 
Also allows for rejection of client on sites that have no use for path_info. 


0.1.5 Beta 11/22/08
Feature: Added promised IP range blocking, which signifigantly shrank the signature file, 
and speeded processing. 


0.1.2 thru 0.1.4 inhouse experiments and other dead-ends.


0.1.1 Beta 11/12/08 
Feature: Added reason for blocking to output file. 

Speedup: Tightened some variable reading code. (Read system variables once, string to lower from them) 
Removed: Redundant String Length function in inmatch. 


0.1.0 Beta 11/08/08 
First Public Beta