This works on ALL VB version

This was created by an Admin (CyberGaf) on my site for the simple reason we wanted to make non vbull pages passworded and available only to members.

The full install details are in the zip file and TBH if you cant get this up and running its time to give up.

This can also be used on html pages I am told but have not tried it.

You can even set which user groups are allowed to view the page.

# Vbulletin GROUP ID's
# default setting = Admin & Super Moderators
#
# 1 Unregistered / Not Logged In
# 2 Registered
# 3 Users Awaiting Email Confirmation
# 4 (COPPA) Users Awaiting Moderation
# 5 Super Moderators
# 6 Administrator
# 7 Moderators
# 8 Banned
# 9 Moderated
# 10 Gold Member
# 11 Platinum Member

Please note the above usergroups are for our forums and therefor will not be available on your forum.

Or by changing usergroupid = '5') to userid ='users id') you can set the script to allow only specific users to view the pages.

This is not so much a hack but a handy little addon and it DOES work.

HM

the way that I get my non vb pages setup, it presents them with vb login box, and in some cases, like for my chat located on a diferent server, redirect them to the attempted page after login.

Thanks 'Modshack' :up: (a little late though :p)

HM - long time no see :)

Hi Paul,

I trust all is well and all my best for the future bud :)

HM

you know me - i'll bounce back :)

take care

this is perfict for the Modlog hack :)

Thanks for the great addon. It works great for my website, it made things easier for me, now only members can obtain the graphics instead of the entire internet (just the way I wanted it, ;)).

Thanks again,

SaintDog

I am in dire need of a hack/add-on to integrate my website user login with the VB login.

I tried this script but did not have any luck. I am new to PHP but am learning fast. Need a little help - Please

SYSTEM=Windows 2000 server IIS 5.0
VB= Version 2.2.1

I modified the script and placed it on the server.

I can call up the authvb.php file as well as the test.php file that requests authvb.php

When the scripts are called up I get a "Authorization required - clear off stupid" message.

I have entered the correct variables for mysql.

Do I have to run this on Apache ?

Do I have to make any changes to mysql ?

any help would be great !

Also if I can not get this to work are there any other scripts that do the same thing ?

Thanks everyone !

htaccess don't work on windows m8, u need unix/linux

HM (Modshack) & Raptor.......

You guys get about a bit.

L8tr M8's

:)

Originally posted by Mobile
htaccess don't work on windows m8, u need unix/linux
I didn't realise it required .htaccess support

Okay I have moved the site to an apache server from the IIS and am trying to configure the authvb.php file correctly. I have tried it and am getting this error.

Warning: Cannot add header information - headers already sent by (output started at /u/home/wd-vfdbl/public_WWW/login.php:1) in /u/home/wd-vfdbl/public_WWW/dev/security/authvb.php on line 98

Warning: Cannot add header information - headers already sent by (output started at /u/home/wd-vfdbl/public_WWW/login.php:1) in /u/home/wd-vfdbl/public_WWW/dev/security/authvb.php on line 99

Authorization Required - clear off Stoopid!

I am not sure about a few things and if some one can help me I would really appreciate it. Thanks.

1) <?php require('./authvb.php'); ?>

should the ./authvb.php be the absolute path ?

2) Remember to edit which groups have access + can change 'usergroupid'
to 'userid' and make access per user instead of per group.

Where do I make these changes ? Is it in mysql or somewhere else ?

3) I tried to run the script and I got these errors

Read the above posts, you need to have Linux/Unix and .htaccess support. It will not run on Windows/IIS servers that I am aware of, another person had this trouble earlier.

SaintDog

Do have to configure an .htaccess file as well ?

All the htaccess is done with vbauth.php, but it does require Linux/Unix & .htaccess before it will work. Windows/IIS will not run it from what I have tried and seen (I tried it myself on windows 2000).

SaintDog

I am using Unix and apache Now - Moved the whole site this weekend

Can not get the password vbauth.php working see previous post for problems i encountered.

Are you sure you have htaccess enabled? I know it may sound odd, but some hosts do not have it enabled on accounts....sad to say.

SaintDog

I can create an htaccess file.

do I create the htaccess file and have it point to the ftpasswd file or some where else.

I was thinking if i had it point to the htpasswd file it would be using the login and pass from with htpasswd file opposed to using the VB database for user and pass.

So in short I can create these files with telent but I just need some instructions - thanks for your help

:squareeyed: :squareeyed:

SaintDog thanks for all your help !

The errors I was getting were a result of having a space just priot to the <?php require('./authvb.php'); ?>

I removed the spave and bingo everything works. What a great script.

I am still not sure Do if I have to customize anything in this area for the groups ? It is my understanding that these were for a different board and you need to customize them for your own board. Can anyone give a little more detail ?



# Vbulletin GROUP ID's
# default setting = Admin & Jnr Admin
#
# 1 Unregistered / Not Logged In
# 2 Registered
# 3 Users Awaiting Email Confirmation
# 4 (COPPA) Users Awaiting Moderation
# 5 JNR Admin
# 6 Administrator
# 7 Moderators
# 8 Banned
# 9 Moderated
# 10 Gold Member
# 11 Platinum Member

// Formulate the query
if ($encryptedpw)
$chkpw = md5($PHP_AUTH_PW);
else
$chkpw = $PHP_AUTH_PW;

$sql = "SELECT * FROM user WHERE
username = '$PHP_AUTH_USER' AND
password = '$chkpw' AND
(usergroupid = '6' or usergroupid = '5') ";


SaintDog thanks for all your help !

Does anyone know a way to do this under IIS?

I really need it.

Thanks.

this hack is damn sexy. :) Just wanna thank you again.

Yes one cool hack and very easy to install :)

I am having problems with this hack. It seems like I have done everything properly but still no luck.
I configured authvb.php file and put it in my vbulletin directory. Then I made my sample php page and included the line <?php require('./authvb.php'); ?> first just like it specified and changed the path to match where the file is located.
I go to the test page and it pops up the little name/password box just like it should and I enter my name and password but it doesn't seem to recognize my password.

Any suggestions?

Thanks!!!

I figured it out. :)

I had

(usergroupid = '2') ";

thinking that would cover all of my members. Which it would have but since I was the Administrator and therefor in user group 6, it wouldnt let me in. :)

Ok brain fart over. :)

Sorry guys I ermmm aint been reading much lately .

Anyhow glad to see some of you have found a use for this, The main reason this was done was because we wanted to give access to other sites on our network to our members but protect them using the vbulletin password system.

I then had the idea to use the script for my admin section to give access to specific functions in the admin panel to selected admins etc. This is cos I am a paranoid git who takes security very serious.

For example Admin A can alter styles whilst Admin B can not etc.
Or
For example Admin A can alter the vbull options whilst Admin B can not.

This is easily done by changing the scripts name to authadmin.php and then adding the line <?php require('./authadmin.php'); ?> to the top of the /admin/styles.php script and then setting the user ID for the person(s) who were to have access.

The script can be used to password protect any php script using the vbull username database.

Anyhow I think I will submit this as a finished hack ?

HM

Originally posted by syion

I am still not sure Do if I have to customize anything in this area for the groups ? It is my understanding that these were for a different board and you need to customize them for your own board. Can anyone give a little more detail ?


If you for example make a new usergroup called "Old Farts" then all you do to give them access is go to the control panel and find out thier User Group ID and then just add that to the group to the access list.

# 1 Unregistered / Not Logged In
# 2 Registered
# 3 Users Awaiting Email Confirmation
# 4 (COPPA) Users Awaiting Moderation
# 5 JNR Admin
# 6 Administrator
# 7 Moderators
# 8 Banned
# 9 oldfarts [New User Group You Added]

$sql = "SELECT * FROM user WHERE
username = '$PHP_AUTH_USER' AND
password = '$chkpw' AND
(usergroupid = '5' or usergroupid = '6' or usergroupid = '7' or usergroupid = '9') ";

Which would give access to Admin/Jnr Admin/Mods/oldfarts usergroups.

HM

for some reason I keep getting this error

Warning: Access denied for user: 'root@localhost' (Using password: NO) in /home/zanarka/public_html/snakeeyes/authvb.php on line 41

Warning: MySQL Connection Failed: Access denied for user: 'root@localhost' (Using password: NO) in /home/zanarka/public_html/snakeeyes/authvb.php on line 41
Unable to connect to server.

do you have any idea why?

Do you use encrypted passwords on your vbull version ?

If you don't then set the option in the file to this ....

$encryptedpw = false;

also make sure that the file path is correct ?

HM

Ooops forgot to mention the most obvious :) have you filled in the part at the top with your details.

$checkservername = "localhost"; // hostname or ip of server
$dbcheckusername = "username here"; // user name
$dbcheckpassword = "password here"; // user password
$dbcheckbase = "database name here"; // name of database
$encryptedpw = true; // encrypted (md5) passwords on/off (true/false)

Remember for security always place it in the admin folder and alter the path in the php scripts you want to password.

I got it! thanks a lot for the help!

It's wonderful

I tried to install this hack on a Linux server with .htaccess support but can't login after the pw box comes up. I have the usergroup set to 2 and 6. Tried with a reg. user account and an adminstrator account.

Once the person is logged in, how can I get their username?

To put this on a page do I just put $auth on the page? If not how do I put it on a page O_o

Beautiful.

One question - does your remote login inherit the cookie duration you've established on your vB account?

That is, if I'm set up on vB to remember my password for a year, will I be prompted again every time I visit the remote page or will it remember me via cookie?

Thanks.

I'm curious:
What permissions did you give for the following?
8 Banned
10 Gold Member
11 Platinum Member

ok i modified it a bit
if ( $num != 0 ) {
$auth = true;

while($row=mysql_fetch_array($result)){
$userid=$row['userid'];
$username=$row['username'];
}
}

hmm doesnt work, even though i'm logged in

yup, I've tried with admin and registered user. The box pops up but doesn't accept my password.

I get this error:
Warning: Cannot add header information - headers already sent by (output started at /home/virtual/site67/fst/var/www/html/membertest.php:11) in /home/virtual/site67/fst/var/www/html/forums/admin/authvb.php on line 98

Warning: Cannot add header information - headers already sent by (output started at /home/virtual/site67/fst/var/www/html/membertest.php:11) in /home/virtual/site67/fst/var/www/html/forums/admin/authvb.php on line 99
Authorization Required - clear off Stoopid!
What do I do?

Anybody?

works perfectly fine for me!

even on my windows (98SE)/apache test server!


just put <?php require('./authvb.php'); ?> in global.php (ALL OF THEM!!!) to secure your whole board...
(if you do this, upload the authvb.php file also to your admin & mod dir (make changes to the permissions if needed! - ie, admin dir for admins only...)

I have added that. Where in the document should I put it?

oops :)
sorry, my fault... better instructions this time:

JUST AT THE TOP OF global.php (IMMEDIATELY AFTER <?php or <? ADD:

require('./authvb.php');

see the other post what else you need to do ;)

How does this help secure my nonvB pages?

this hack works killer!!
thanks --

I'll share the things I found out...

put the require statment above the HTML tag -- if you open this file with front page-- it will screw it up, and you have to fix it back...

Thank you for the comments, and the tips.

I forgot to note that the new version includes an added feature. I added a column to the user table in the vBulletin database called lastlogin as a date field. Now whenever someone logs into your site that field will be set so you know when they last logged into the non VB areas.

Would it be possible to protect an entire folder using this hack? I'm trying to do it with mod_auth_mysql and .htaccess but everytime I enter a username and password, It shows the prompt again, as if ignoring the password. This is what it looks like:

AuthType Basic
AuthUserfile /dev/null
AuthName "Member Access Only"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLHost localhost
AuthMySQLCryptedPasswords Off
AuthMySQLUser root
AuthMySQLPassword here I put my db password
AuthMySQLDB vbulletin
AuthMySQLUserTable user
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLGroupField usergroupid
<Limit GET POST>
require group 2 5 8 7 6
</limit>

it prompts for password but it won't accept my username and or password. I edited the usergroup to mines and still doesn't accept it.

That's the same thing that happen to us with the htaccess code posted above. Hope someone can help us :(

very nice hack :)

but i'm having a little problem

when the user puts in their user pass on authentification check
i get this back

Unable to execute query.

i have edited global.php in all folders ..

anything i'm missing here ?

thanks :)

ummm.. ok I assume you are using the authvb.php script
(the people above are talking about .htaccess , and probably shouldn't be in this hack)

what did you add/edit on global.php ?? this hack requires no changes to that file..

i want to link userdb to htaxx without using the mod_auth module ..

is the anyway to do it ??

thanks

NOPE--
not that I am aware of

and actually, i believe you need mod_auth_mysql

you don't need auth_mysql ..

I tried to get this hack to work many times, it just won't accept my username/password when the auth box pops up.

You need to read my post in context..

it was a reply to someone that was trying to do a .htaccess from a my-sql database...

if that is what you are trying to do -- you will need the mod_auth_mysql module for it to work.

If you are using the method this hack uses, you won't need it

I think a moderator should clean the .htaccess stuff out of this thead, as it is NOT relevant.

Ok,

Where exactly does authvb.php need to go?

I put authvb.php and a test page with <?php require('./authvb.php'); ?> in the same directory. When I accessed the test page the first time, the logon box popped up, I logged in, and everything seemed to work fine. Now I can access the page without having to log in. Any suggestions?

Well, my hack is session based so if you close the browser it will kill the session.

Otherwise check you php.ini file for the session length and see what is set to, I keep mine set to zero.

I am not sure about all the .htaccess questions. to be honest, this hack is a Windows IIS hack and never was tested on Unix or Apache, but I think it works for Apache on Windows servers.

03-19-03 at 10:43 PM SVTBlackLight01 said this in Post #57 (https://vborg.vbsupport.ru/showthread.php?postid=369562#post369562)
Ok,

Where exactly does authvb.php need to go?

I put authvb.php and a test page with <?php require('./authvb.php'); ?> in the same directory. When I accessed the test page the first time, the logon box popped up, I logged in, and everything seemed to work fine. Now I can access the page without having to log in. Any suggestions?

Anybody want to jump in?

SVT- try to logout from vBulletin and closing all browser windows. Then open a browser again, and enter your site; it should prompt you again. If your intention is to have the login always come up, be sure you have the appropriate cookie settings in the user's cp your are accessing your site with. (ie "Remember username and password": set to no, "Browse board w. cookies?": set to no

I am using this hack now to authenticate a small closed-registration board. I have commented out the option for the users to change this in their cp--they don't even see it. I control the cookies, and the access....

works for my application... (though I do have another problem, see next...)

I am using this hack to control access to a vBulletin board (I also have vBHome installed). It works, but I have one big annoyance:

I get prompted twice for a login. When entering the site, I get the htaccess "style" prompt. Any username and login I use (that's registered on the vBulletin forum) works. But then I get redirected to the vBulletin "not registered" form. When I enter the same login/pass again, only then do I get redirected to the vBHome page.

Shouldn't the data in forms from the first "htaccess style" box be passed to authenticate with Vbulletin? Do I have to have the "browse board w. cookies" set to yes?

Here is another wrinkle: This forum is accessed largely by a group of computers in the same workplace. All of these computers have a login prompt at bootup, and most--if not all--of these computers are accessed with the SAME login and prompt (strange, I know....all the computers are shared). So, when user A logs on to a computer, under this common login, a cookie is set "common@forumsite.com". If user B logs into the forum from the SAME computer at a DIFFERENT TIME (remember, the user "common" is still logged into the computer, but has logged out of vBulletin), user B will still get the "htaccess style" prompt, log in with his unique vBulletin user/pass, and get welcomed to the vBulletin home as user A. Obviously user A's info is in the "common" cookie set on the computer.

Put another way: is it at all possible to have one, unified login (only one "htacess style" prompt) for many forum members (each with a unique vBulletin username/pass) on a single, shared computer, with one "common" computer login?

I'm probably doing something very stupid here....anyone got an idea?

very nice hack :banana:
But how is it possible to make users who already loggedin in vb, view the "Non-vb" pages without having to log again and visa-versa.

Thanks

04-21-03 at 01:37 AM portalguy said this in Post #62 (https://vborg.vbsupport.ru/showthread.php?postid=384643#post384643)
very nice hack :banana:
But how is it possible to make users who already loggedin in vb, view the "Non-vb" pages without having to log again and visa-versa.

Thanks

Any news on this as I would also like this?

Is it ok with v2.3?
I hope so,, it sound great ... the descrition ...

excellent work! gonna use this.. now just need a login page on none vb pages aswell :p

I have tried using this hack, but when I enter my login information, it just pops up the password box again instead of showing the hidden page. When I hit cancel and give up on entering the info, I get the clear off stoopid message.

Any help, please?

ETA is this the best way to password protect a non-vb page? I feel like I've been sitting here for hours looking for a simple way to just have only board members view a certain non-vb page of my site. I really don't need anything fancy and if it can be done without the popup box, that would probably be better.

If the user enters incorrect information, is it possible to have them sent to a "standard" 401 page, or one that's been cutomized? Right now, they're taken to a white page with a message.

We have created custom error pages that attempt to provide more information for the user. For example, the reason they were not able to enter the restricted area was because they were not members of the forum and they would have access to the explanation and how to register or login.

I don't know if this is something complicated, but basically just have it go to the "default" 401 error page, rather than the current message.

Right now the code for an incorrect user name and password is in the section that starts on line 95 inside that else statement.

All you would have to do is chage that table in the else to a header statement to send them to the page you wanted.

That makes sense, although I'll have to try to figure out how to do it. My PHP skills are..., well, I don't have any. Can it be made to send them to any page, or just a 401?

Thank you for the hack.

I had random internet users using my picture uploader, now this should clamp them down!

Any reason why this wouldn't work with vbulletin 3.0? I glanced through the file real quick and the code seems simple enough and shouldn't connect to anything vb2 specific. I'll try to test it out when I get home if no one else does first.

mine is not working with vb 3.0

I figured out the problem, i took out the variable for check pwd instead just changed the sql query

Here is the fix to that file

$sql = "SELECT * FROM user WHERE
username = '$PHP_AUTH_USER' AND
password = 'MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt))' ";

<?php
include("/home/****/public_html/dbConfig.php");


$encryptedpw ="true";

$realm = "This site is private!";

$auth = false; // Assume user is not authenticated

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {

// Connect to MySQL

mysql_connect( $host, $user, $password )
or die ( 'Unable to connect to server.' );



mysql_select_db( $forum_database )
or die ( 'Unable to select database.' );


$sql = " SELECT * FROM user WHERE
username='$PHP_AUTH_USER' AND
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt))";

// Execute the query and put results in $result

$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );

// Get number of rows in $result.

$num = mysql_numrows( $result );

if ( $num != 0 ) {

// A matching row was found - the user is authenticated.

$auth = true;

}

}

if ( ! $auth ) {

header( "WWW-Authenticate: Basic realm=\"$realm\"" );
header( "HTTP/1.0 401 Unauthorized" );
echo 'Authorization Required - EMPL Owners Only!';
exit;
}

?>

Any chance on posting a full vb3 version? I tried Timmy's hacks but I'm sure that I'm messing something up.

No workie w/vb3 :(

Any chance on posting a full vb3 version? I tried Timmy's hacks but I'm sure that I'm messing something up.

No workie w/vb3 :(

I got it to work on vb3 (watch where he has the ' characters, its different in the two code samples)

I got it to work on vb3 (watch where he has the ' characters, its different in the two code samples)
Ok, give us a better hint on how you got it to work with VB3. I still cannot get it to work.

These are the only lines I changed and it works for me with 3.0.0 Gold:

// Formulate the query
// Get rid of these 4 lines or comment them out:
# if ($encryptedpw)
# $chkpw = md5($PHP_AUTH_PW);
# else
# $chkpw = $PHP_AUTH_PW;
// Keep this line
$sql = "SELECT * FROM user WHERE
// Keep this line
username = '$PHP_AUTH_USER' AND
// get rid of this line
# password = '$chkpw' AND
// add this line
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt)) AND usergroupid = '6'";

I am unable to get the Page to load. If i goto the url of authvb.php directly it seems to work fine. However when i include this into a PAGE then it does not AUTH me. I have my cookie set to my domain but i dont know what could be wrong.

This is how I am including it:

<?php require('./authvb.php'); ?>

Hope that helps.

What will it display on Whose online?

These are the only lines I changed and it works for me with 3.0.0 Gold:

// Formulate the query
// Get rid of these 4 lines or comment them out:
# if ($encryptedpw)
# $chkpw = md5($PHP_AUTH_PW);
# else
# $chkpw = $PHP_AUTH_PW;
// Keep this line
$sql = "SELECT * FROM user WHERE
// Keep this line
username = '$PHP_AUTH_USER' AND
// get rid of this line
# password = '$chkpw' AND
// add this line
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt)) AND usergroupid = '6'";
Works 100% except.. i try and do "AND usergroupid = '6' or usergroupid = '5'"
and it seizes to work... any idea/

Verify the group is correct, my group 6 might not be your group six. Also make sure *you* or the id you are authenticating with is in the group specified.

Why use basic auth over cookies?
When using cookies you're at least abel to hash the values stored in the cookies (sent from user agent -> server in each http request).

When using basic auth., the username + password are sent in clear text to the server (for every http request). So basically this is lowering the application security (at least unless you're using secure http, tls or ssl)...

HTTP Authentication: Basic and Digest Access Authentication (http://www.ietf.org/rfc/rfc2617.txt)

Does this work with VB3.0.0 GOLD..

TIA

-Pheonix

Sweet hack!! I see I?m not the only one who thinked about this! I haven?t tried it, but it should work (I saw the source)...

If anyone uses a windows server and need something like this (protect non vB pages, get login-box on non vB pages, etc. etc.) there are some other hacks out there (mine for example).... remember, the good thing about this foum is the ability to choose and get the hack that suits best your site :D...

Here?s another hack that could work on Windows Systems :) (https://vborg.vbsupport.ru/showthread.php?t=64828)

Good luck :). I?ll try this out and let you know how it went :)

[EDIT] I installed and I have to say.. Works great!!! :)... nice job :)

Can someone compile a VB3 working hack? I have tried what you all said nothing works! Thanks!

Also do I need a htaccess file in the folder?

I can log in but I get this error:
Unable to execute query.

What will it display on Whose online?
anyone?

These are the only lines I changed and it works for me with 3.0.0 Gold:

// Formulate the query
// Get rid of these 4 lines or comment them out:
# if ($encryptedpw)
# $chkpw = md5($PHP_AUTH_PW);
# else
# $chkpw = $PHP_AUTH_PW;
// Keep this line
$sql = "SELECT * FROM user WHERE
// Keep this line
username = '$PHP_AUTH_USER' AND
// get rid of this line
# password = '$chkpw' AND
// add this line
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt)) AND usergroupid = '6'";
working like a charm with vb3.5.0

i have altered the php file to easiely add more groups.

you can delete groups that must not have the permission to enter the page by deleting or usergroupid = 'x' .
to add a group add one or usergroupid = 'x' .

In this Line.
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt)) AND (usergroupid = '2' or usergroupid = '6' or usergroupid = '5' or usergroupid = '9' or usergroupid = '10')";

Tested with vb 3.5.0

authvb.php looks like just the thing I need, but I've been tearing my hair out trying to get it to work on my server. After reading through the whole of this thread, I finally found the hack which should make it work on 3.5.x. My select statement now looks like this:

$sql = "SELECT * FROM user WHERE
username = '$PHP_AUTH_USER' AND
password = MD5(CONCAT(MD5('$PHP_AUTH_PW'), salt)) AND
(usergroupid = '6' or usergroupid = '11' or usergroupid = '12' or usergroupid = '2') ";
My test page is finding the script, as an .htaccess-type box pops up. However, when I enter a username and password it just presents me with an empty username/password box again. I've tried it with several different username/password combinations and checked that those usernames belong to one of the specified usergroupids.

Any ideas on what I should try next?

-- Tim L

Anyone got this working on v3.5.4? or have a better/similar solution to reccommend?

tested with vb 3.6.1 no longer working here.

would like to have it working on a windows server (so no htaccess)
just with a normal login box or auto login (using cookies)
anybody knows how to check if an user is already authenticated in its session ?

What's the latest word on this mod, or a mod which does a similar thing? I want to use the vBulletin user/password data set to protect other files on my website.

Anyone can help me with 3.6.x ? please ?

Head over to here:

https://vborg.vbsupport.ru/showthread.php?t=108026

Or if you prefer a more simple solution, here:

https://vborg.vbsupport.ru/showthread.php?t=132996

Both are great solutions that are working very well for me on 3.6.x. Thanks to Bill for the nice mod.

working under 3.5.4 :up:

*bump*

What are you bumping?