vb.org Archive
Page 3 of 65 12 3 451353 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.8 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=235)
-   -   Administrative and Maintenance Tools - Multiple Account Detection & Prevention (https://vborg.vbsupport.ru/showthread.php?t=199077)

Forum-Germany 12-18-2008 12:03 AM
If I hack your (zip) unzip, I get a folder. / Upload / madp.
Do I have this folder in the root add?

www.Forum-Germany.de/Forum/madp/ <- really?

So I copy your php files with others in the root, but the whole folder.

Kiros72 12-18-2008 12:06 AM
The entire folder should be copied. After the upload, you should have this:

www.forum-germany.de/forum/madp/detection.php
www.forum-germany.de/forum/madp/functions_madp.php
www.forum-germany.de/forum/madp/prevention.php
www.forum-germany.de/forum/madp/set.php

(IF www.forum-germany.de/forum/ is the location of your forums!)

The product file (product-kiros_madp.xml) also needs to be imported through the AdminCP product manager.

Forum-Germany 12-18-2008 12:11 AM
Thank you. I have it installed. It has 20 seconds. :D

But I'm still worried that hackers can use this folder to a virus or something in my forum to bring.
If I were a htaccess file would create, how must it look like? can you please tell me? : o I am sorry that I pester.

blind-eddie 12-18-2008 12:18 AM
Quote:
Originally Posted by blind-eddie (Post 1687658)
On my site, I have a few members who live in the same address. If they both take turns on their pc, this will detect them & ban them?

Is there a way to stop that from happening. If not, this could be a bad idea for some boards.


Quote:
Originally Posted by Kiros72 (Post 1687683)
When they login, nothing will be done except a detection report. A user will not be affected unless he/she is registering - in which case, the registrant will be moved to the Prevention Usergroup or rebanned if a previous account is found to be banned. Again, the Login Detection will not prevent a user from logging in nor will it ban anyone; it will just notify you through PM/thread depending on your settings.

If you do not want to receive the notifications for those users who use the same computer, then add one of their User ID numbers to the Ignored Users and enable Ignore Child Accounts. With Ignore Child Accounts enabled, as long as a user is seen as a multiple of an ignored user (or Usergroup), the user will be ignored from any kind of detection.

Would that solve your problem? :)
Yes, that would solve my problem, Thank you.:up:

Kiros72 12-18-2008 02:19 AM
Quote:
Originally Posted by Forum-Germany (Post 1687720)
Thank you. I have it installed. It has 20 seconds. :D

But I'm still worried that hackers can use this folder to a virus or something in my forum to bring.
If I were a htaccess file would create, how must it look like? can you please tell me? : o I am sorry that I pester.
I'm not sure that there would be a way to disallow public access but to allow vBulletin to still use it. This is partially why a .htaccess file is not included in this modification. The majority of the reason is because there is no way that any of these files can be used improperly. None of these files use $_GET, $_REQUEST, or $_POST. Only $_COOKIE is used and that will not even get called if someone manually accesses the files. You should not worry about this.

If you know how, you can simply copy the code from the files to the plugins, but this will make vBulletin consistently use more memory. The modification is coded with files to make everything faster and more efficient. Again, the files do not add any risk because they are only useful if vBulletin uses them - not if some person tries to.

Quote:
Originally Posted by blind-eddie (Post 1687725)
Yes, that would solve my problem, Thank you.:up:
Notta problem. Just remember to mark it as installed for updates ;)

Forum-Germany 12-18-2008 11:59 AM
ok I do not install htaccess.

another problem:

I was with the IE as admin and registered with the FF as a user. but there is no double account displayed. pn, etc. did not set anything.

1320Nation 12-18-2008 01:33 PM
What is the main difference between your mod and this here: https://vborg.vbsupport.ru/showthrea...Login+Detector

Forum-Germany 12-18-2008 01:38 PM
That is but in the description. ;)

my evil twin 12-18-2008 05:23 PM
Quote:
Originally Posted by Forum-Germany (Post 1687685)
2nd why no htaccess file? dan but everyone can access it or I see this wrong? I do not want a door for a hacker up. do you?
Why don't you disable open directory listing, or just upload a blank "index.html"-file to this folder?

nobody can access your directory then without knowing the exact filenames.

ray- 12-18-2008 06:07 PM
Nice mod. Found a small error in 2 phrases.
In madp_reg_message:
Code:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered. {4}
madp_regip_message:
Code:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered with the IP address: {5}. {4}
(I removed the URL-tags in the above to avoid being displayed as links)
The &amp; isn't being parsed. The link will now show up as
Code:
http://www.forum.com/member.php?do=getinfo&amp;username=ray
and it should be
Code:
http://www.forum.com/member.php?do=getinfo&username=ray


All times are GMT. The time now is 01:40 PM.
Page 3 of 65 12 3 451353 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02010 seconds
  • Memory Usage 1,746KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_code_printable
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete