vb.org Archive
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 4.x Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=245)
-   -   Administrative and Maintenance Tools - AdminCP Firewall ~ Protect your AdminCP! (https://vborg.vbsupport.ru/showthread.php?t=296383)

TheSupportForum 03-27-2013 06:37 PM
Quote:
Originally Posted by BadgerDog (Post 2412408)
Thanks .. :)

It won't let me put anything in that user ID as it says it's a protected user and it wants me to modify the config.php file ... :p

Regards,
Doug
in config .php you have set

PHP Code:
$config['SpecialUsers']['undeletableusers'] = '1'
if you remove your UserID and save the file then add your IP address to the correct profile field it will go away

when you have the above option set in config.php you can not change anything

Gripi 04-04-2013 05:16 PM
Quote:
Originally Posted by TheSupportForum (Post 2412067)
with new version i get

Warning: Invalid argument supplied for foreach() in [path]/login.php(119) : eval()'d code on line 4
but testing it, the email does work on sending the correct info

https://vborg.vbsupport.ru/external/2013/04/56.png
Hello..

I got the same error message, using vb 4.2.0, and latest php stable version, and litespeed webserver.

liamwli 04-05-2013 10:59 AM
Quote:
Originally Posted by Gripi (Post 2414267)
Hello..

I got the same error message, using vb 4.2.0, and latest php stable version, and litespeed webserver.
I'll look into this further :)

liamwli 04-05-2013 05:01 PM
Hey all, I fixed the php error bug :)

cjwinternet 04-05-2013 05:17 PM
Mod disabled - I don't want yet another link at the bottom of the page, especially one that tells people that there might possibly be another way in to the forum.

liamwli 04-05-2013 05:21 PM
Quote:
Originally Posted by cjwinternet (Post 2414506)
Mod disabled - I don't want yet another link at the bottom of the page, especially one that tells people that there might possibly be another way in to the forum.
Right, in that case you need to think about the people that make these mods. I think a bit of advertisement is fine do you not?

Also, how does it state there is another way into the forum?

Gripi 04-05-2013 05:22 PM
Quote:
Originally Posted by liamwli (Post 2414500)
Hey all, I fixed the php error bug :)
Hello..

I already upgrade to 1.3.2, still got same error message.

PHP Code:
WarningInvalid argument supplied for foreach() in [path]/login.php(119) : eval()'d code on line 4 

liamwli 04-05-2013 05:23 PM
Quote:
Originally Posted by cjwinternet (Post 2414506)
Mod disabled - I don't want yet another link at the bottom of the page, especially one that tells people that there might possibly be another way in to the forum.
Also, branding is disabled in the latest version (1.3.2)

liamwli 04-05-2013 05:24 PM
Quote:
Originally Posted by Gripi (Post 2414508)
Hello..

I already upgrade to 1.3.2, still got same error message.

PHP Code:
WarningInvalid argument supplied for foreach() in [path]/login.php(119) : eval()'d code on line 4 
That's officially strange. I no longer do...

Will investigate further :)

BadgerDog 04-05-2013 08:39 PM
Updated to 1.3.3 with thanks .. :)

Regards,
Doug

liamwli 04-05-2013 08:41 PM
Quote:
Originally Posted by BadgerDog (Post 2414563)
Updated to 1.3.3 with thanks .. :)

Regards,
Doug
:) Glad!

(Why is the rating decreasing :()

Gripi 04-06-2013 03:04 PM
Quote:
Originally Posted by liamwli (Post 2414510)
That's officially strange. I no longer do...

Will investigate further :)
Hello..

Yup still got the same error after upgrade to 1.3.3

TheSupportForum 04-07-2013 09:09 AM
Quote:
Originally Posted by Gripi (Post 2414740)
Hello..

Yup still got the same error after upgrade to 1.3.3
ensure each user including yourself has an IP allocated to the profiles without it, this error will still apear

Gripi 04-08-2013 04:38 PM
Quote:
Originally Posted by TheSupportForum (Post 2414876)
ensure each user including yourself has an IP allocated to the profiles without it, this error will still apear
Hello..

Sorry.. i'm not quite understand "IP allocated to the profiles", can you explain more detail?

Thanks alot..

liamwli 04-08-2013 04:54 PM
Quote:
Originally Posted by Gripi (Post 2415138)
Hello..

Sorry.. i'm not quite understand "IP allocated to the profiles", can you explain more detail?

Thanks alot..
In the user editor, there is a field called IP. Make sure it contains a valid IP (127.0.0.1 will do).

Gripi 04-10-2013 03:55 PM
Quote:
Originally Posted by liamwli (Post 2415147)
In the user editor, there is a field called IP. Make sure it contains a valid IP (127.0.0.1 will do).
i'm not quite understand about this.

let say nick "david" try to login to admincp with the wrong password, the nick david have ip add in the user profile editor, but still showing error msg.

liamwli 04-10-2013 04:00 PM
Quote:
Originally Posted by Gripi (Post 2415547)
i'm not quite understand about this.

let say nick "david" try to login to admincp with the wrong password, the nick david have ip add in the user profile editor, but still showing error msg.
Everyone should have an IP in the profile editor.

However, I am working on a permanent fix for this issue and shall PM you soon.

djbaxter 04-19-2013 06:06 AM
Using email notification only at the moment:

  • requires me to enter an IP address even though I've not enabled Ip monitoring or filtering
  • works as expected if the admincp folder is not renamed
  • does not trigger an email on one forum where the admincp forum IS renamed to something else (e.g., new_admin)

liamwli 04-19-2013 06:17 AM
Quote:
Originally Posted by djbaxter (Post 2417276)
Using email notification only at the moment:

  • requires me to enter an IP address even though I've not enabled Ip monitoring or filtering
  • works as expected if the admincp folder is not renamed
  • does not trigger an email on one forum where the admincp forum IS renamed to something else (e.g., new_admin)
Did you change the field marked admincp directory, found in the options?

djbaxter 04-19-2013 06:27 AM
Quote:
Originally Posted by liamwli (Post 2417277)
Did you change the field marked admincp directory, found in the options?
Yes, of course. It has the correct folder name there, no leading or trailing slashes, just like with the other forums. And the new folder is in the root of the forum directory, just as the admincp folders are.

djbaxter 04-19-2013 10:56 AM
Quote:
Originally Posted by djbaxter (Post 2417276)
Using email notification only at the moment:
  • requires me to enter an IP address even though I've not enabled Ip monitoring or filtering
  • works as expected if the admincp folder is not renamed
  • does not trigger an email on one forum where the admincp forum IS renamed to something else (e.g., new_admin)
Quote:
Originally Posted by liamwli (Post 2417277)
Did you change the field marked admincp directory, found in the options?
Quote:
Originally Posted by djbaxter (Post 2417278)
Yes, of course. It has the correct folder name there, no leading or trailing slashes, just like with the other forums. And the new folder is in the root of the forum directory, just as the admincp folders are.
I checked the setting in the vBulletin Email Options and found an incorrect setting in the one that wasn't working (the one with the renamed admincp). Specifically the "Enable '-f' Parameter" was set to YES on that one forum. I turned it off and the email notifications of admincp logins are now working correctly.

MahdyE23 04-19-2013 11:31 AM
This is actually a very amazing mod, thank you for this!

djbaxter 04-19-2013 12:48 PM
Quote:
Originally Posted by MahdyE23 (Post 2417303)
This is actually a very amazing mod, thank you for this!
It's certainly timely. See

http://www.vbseo.com/f255/summary-fi...t-issue-55099/

http://www.vbseo.com/f255/filestore-...r-forum-55368/

http://club.myce.com/f20/vbulletin-m...e-them-332219/

http://www.vbseo.com/f255/url123-red...its-end-54125/

The best guess at the moment is that malware is being used to harvest admincp passwords giving the malware network access to your admincp, which is then used to alter certain plugins to redirect your traffic (or do whatever else they want to do to your site for that matter).

There are several things noted in the first two threads that forum owners should be doing to secure their forums and their servers. This add-on provides an extra layer of protection or at least notification if someone does gain access.

djbaxter 04-23-2013 03:50 PM
Suggestion regarding awkward wording in notifications:

Change line 502 to read:

Code:
{1} logged into the AdminCP from IP address {2}.

elitecarders 04-28-2013 08:28 PM
Code:
Sorry, you don't have permission to access the administrative controls on this page.

If you need to access this page, ask your lead administrator to enable your permissions for this page using the Administrator Permissions section of the control panel.
i got this error after installing my ip nothing changed everything was fine

djbaxter 07-15-2013 12:57 AM
Email this evening from this mod:

Quote:
Hi,

northernangel logged into the AdminCP from IP address 209.105.205.53.

AdminCP Firewall
northernangel is a valid membername from a member who had not logged in for a long time. The member was not ad admin or moderator. The records show that member did log in to her account about the time the email was generated but it was from a different IP address and a different country than the one on record. There is no indication in the logs of any entry into the admincp from that member or indeed any member other than the two admins.

How is this possible? Is this a false positive?

I have changed the password for that member, banned the member at the forum level, and banned the IP at the server level to be safe. But should there not be a log entry if there indeed was a breach?

By the way, in order to gain access to the AdminCP, two passwords are required.

DemOnstar 07-15-2013 10:23 AM
Installed on Localhost so can't test just yet but security may well be a concern so thank you for your work...

djbaxter 07-16-2013 01:45 PM
Quote:
Originally Posted by djbaxter (Post 2433721)
Email this evening from this mod:



northernangel is a valid membername from a member who had not logged in for a long time. The member was not ad admin or moderator. The records show that member did log in to her account about the time the email was generated but it was from a different IP address and a different country than the one on record. There is no indication in the logs of any entry into the admincp from that member or indeed any member other than the two admins.

How is this possible? Is this a false positive?

I have changed the password for that member, banned the member at the forum level, and banned the IP at the server level to be safe. But should there not be a log entry if there indeed was a breach?

By the way, in order to gain access to the AdminCP, two passwords are required.
I figured part of this out because it happened with another forum member today while I was actually online. That member in who's online was shown as viewing a "no permissions" error message, meaning they didn't actually get access to the admincp and that's why there was no log entry.

However, you might want to look more closely at what tirggers the email notification of a breach.

MahdyE23 07-29-2013 09:21 PM
My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?

Disco_Stu 07-30-2013 02:22 AM
I would be careful installing a mod that could potentially lock you out of your own ACP. I would think your htaccess security should be sufficient in keeping someone from accessing your ACP.

I experimented with another mod (not this mod) that did not install completely. The result was that I could not access my ACP and I had to completely restore my entire site.

I see that the author no longer has a vBulletin license.

Disco_Stu 07-30-2013 02:23 AM
Quote:
Originally Posted by MahdyE23 (Post 2435989)
My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?
Does it work if you add the code to the top of your config file after <?php

eyestrain 08-08-2013 08:51 PM
A very nice mod.
Also nominated as the mod of the month.

thank you

synseal 08-08-2013 09:30 PM
Quote:
Originally Posted by MahdyE23 (Post 2435989)
My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?
Open your /includes/config.php and add

PHP Code:

Code:
define('DISABLE_HOOKS', true);
Directly below

PHP Code:
<?php

Bubble #5 08-13-2013 10:38 PM
Love the idea of this hack but what can I do if my router ever has problems, or I have to reset it and I lose the exact IP? How would I log in then?:confused:

RichieBoy67 09-03-2013 03:22 AM
You could simply go into your config file and disallow plug ins. Then log into the admincp and disable.. Bam..


addenum - Disable your plug ins by adding

PHP Code:
define('DISABLE_HOOKS'true); 
To your config php file

Bubble #5 09-03-2013 03:33 AM
Quote:
Originally Posted by RichieBoy67 (Post 2442750)
Then log into the admincp and disable.. Bam..
Disable what? :confused:

ForceHSS 09-03-2013 03:44 AM
Quote:
Originally Posted by Bubble #5 (Post 2442753)
Disable what? :confused:
Note: To temporarily disable the plugin system, edit includes/config.php and add this line right under <?php

PHP Code:
define('DISABLE_HOOKS'true); 

DemOnstar 09-03-2013 05:05 AM
Quote:
Originally Posted by Bubble #5 (Post 2442753)
Disable what? :confused:
Open your /includes/config.php and add

Code:
define('DISABLE_HOOKS', true);
under

Code:
<?php
I am guessing it looks like this when you are done.

Code:
<?php
define('DISABLE_HOOKS', true);
Then log in...Next go to your plugin manager and disable the mod from there..
After that you will either need to remove what you added to the config.php, comment it out or replace the word 'true' with 'false'. But that again is a guess...

Hope that helps...

RichieBoy67 09-03-2013 05:14 AM
Yeah, I should have been a little more descriptive but just seemed obvious to me. Thanks for the correction guys.

zushiba 09-13-2013 07:34 PM
Ah, this is exactly what I was looking for. I was hit with that script kiddy hack going around defacing sites and decided some better security on the AdminCP would be nice.


All times are GMT. The time now is 12:57 PM.
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01404 seconds
  • Memory Usage 1,856KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (6)bbcode_code_printable
  • (5)bbcode_php_printable
  • (27)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (40)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete