vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 4.x Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=245)
-   -   Administrative and Maintenance Tools - AdminCP Firewall ~ Protect your AdminCP! (https://vborg.vbsupport.ru/showthread.php?t=296383)

djbaxter 04-19-2013 10:56 AM

Quote:

Originally Posted by djbaxter (Post 2417276)
Using email notification only at the moment:
  • requires me to enter an IP address even though I've not enabled IP monitoring or filtering
  • works as expected if the admincp folder is not renamed
  • does not trigger an email on one forum where the admincp forum IS renamed to something else (e.g., new_admin)

Quote:

Originally Posted by liamwli (Post 2417277)
Did you change the field marked admincp directory, found in the options?

Quote:

Originally Posted by djbaxter (Post 2417278)
Yes, of course. It has the correct folder name there, no leading or trailing slashes, just like with the other forums. And the new folder is in the root of the forum directory, just as the admincp folders are.

I checked the setting in the vBulletin Email Options and found an incorrect setting in the one that wasn't working (the one with the renamed admincp). Specifically the "Enable '-f' Parameter" was set to YES on that one forum. I turned it off and the email notifications of admincp logins are now working correctly.

MahdyE23 04-19-2013 11:31 AM

This is actually a very amazing mod, thank you for this!

djbaxter 04-19-2013 12:48 PM

Quote:

Originally Posted by MahdyE23 (Post 2417303)
This is actually a very amazing mod, thank you for this!

It's certainly timely. See

http://www.vbseo.com/f255/summary-fi...t-issue-55099/

http://www.vbseo.com/f255/filestore-...r-forum-55368/

http://club.myce.com/f20/vbulletin-m...e-them-332219/

http://www.vbseo.com/f255/url123-red...its-end-54125/

The best guess at the moment is that malware is being used to harvest admincp passwords giving the malware network access to your admincp, which is then used to alter certain plugins to redirect your traffic (or do whatever else they want to do to your site for that matter).

There are several things noted in the first two threads that forum owners should be doing to secure their forums and their servers. This add-on provides an extra layer of protection or at least notification if someone does gain access.

djbaxter 04-23-2013 03:50 PM

Suggestion regarding awkward wording in notifications:

Change line 502 to read:

Code:

{1} logged into the AdminCP from IP address {2}.

elitecarders 04-28-2013 08:28 PM

Code:

Sorry, you don't have permission to access the administrative controls on this page.

If you need to access this page, ask your lead administrator to enable your permissions for this page using the Administrator Permissions section of the control panel.

I got this error after installing my IP nothing changed everything was fine

djbaxter 07-15-2013 12:57 AM

Email this evening from this mod:

Quote:

Hi,

northernangel logged into the AdminCP from IP address 209.105.205.53.

AdminCP Firewall

northernangel is a valid membername from a member who had not logged in for a long time. The member was not an admin or moderator. The records show that member did log in to her account about the time the email was generated but it was from a different IP address and a different country than the one on record. There is no indication in the logs of any entry into the admincp from that member or indeed any member other than the two admins.

How is this possible? Is this a false positive?

I have changed the password for that member, banned the member at the forum level, and banned the IP at the server level to be safe. But should there not be a log entry if there indeed was a breach?

By the way, in order to gain access to the AdminCP, two passwords are required.

DemOnstar 07-15-2013 10:23 AM

Installed on Localhost so can't test just yet but security may well be a concern so thank you for your work...

djbaxter 07-16-2013 01:45 PM

Quote:

Originally Posted by djbaxter (Post 2433721)
Email this evening from this mod:



northernangel is a valid membername from a member who had not logged in for a long time. The member was not an admin or moderator. The records show that member did log in to her account about the time the email was generated but it was from a different IP address and a different country than the one on record. There is no indication in the logs of any entry into the admincp from that member or indeed any member other than the two admins.

How is this possible? Is this a false positive?

I have changed the password for that member, banned the member at the forum level, and banned the IP at the server level to be safe. But should there not be a log entry if there indeed was a breach?

By the way, in order to gain access to the AdminCP, two passwords are required.

I figured part of this out because it happened with another forum member today while I was actually online. That member in who's online was shown as viewing a "no permissions" error message, meaning they didn't actually get access to the admincp and that's why there was no log entry.

However, you might want to look more closely at what triggers the email notification of a breach.
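The triage described in the post above (a notification for a non-admin member with no matching admin log entry means the permission check stopped the request), as an added example that is not part of the thread or the add-on's code. The record layouts, usernames, addresses and the 30-minute window are constructed assumptions, not vBulletin's schema.

```python
from datetime import datetime, timedelta

# Constructed sample data (assumed layout, documentation-range IP addresses).
ADMINS = {"admin_one", "admin_two"}
KNOWN_IPS = {
    "admin_one": {"198.51.100.7"},
    "dormant_member": {"192.0.2.44"},
}
ADMIN_LOG = [  # (username, ip, time) rows, as an admin action log might hold
    ("admin_one", "198.51.100.7", datetime(2013, 7, 14, 21, 5)),
    ("admin_two", "203.0.113.9", datetime(2013, 7, 14, 22, 40)),
]


def triage(alert, window=timedelta(minutes=30)):
    """Classify one 'logged into the AdminCP' notification.

    alert is (username, ip, time). The result says whether the notification
    matches real control panel activity or only a request that was refused.
    """
    user, ip, when = alert
    new_ip = ip not in KNOWN_IPS.get(user, set())
    in_log = any(
        u == user and abs(t - when) <= window for u, _, t in ADMIN_LOG
    )
    if user not in ADMINS:
        if in_log:
            # A non-admin with logged admin actions is a real breach signal.
            return "escalate_privilege"
        # No log entry: the request ended at the "no permission" page.
        # An unfamiliar address still suggests the member's password is known
        # to someone else, so the account itself needs attention.
        return "denied_suspect_credentials" if new_ip else "denied"
    if not in_log:
        # Admin notification with no logged action in the window.
        return "admin_no_log_entry"
    return "review_new_ip" if new_ip else "expected"


if __name__ == "__main__":
    sample = ("dormant_member", "203.0.113.50", datetime(2013, 7, 14, 23, 0))
    print(triage(sample))
```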

MahdyE23 07-29-2013 09:21 PM

My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?

Disco_Stu 07-30-2013 02:22 AM

I would be careful installing a mod that could potentially lock you out of your own ACP. I would think your htaccess security should be sufficient in keeping someone from accessing your ACP.

I experimented with another mod (not this mod) that did not install completely. The result was that I could not access my ACP and I had to completely restore my entire site.

I see that the author no longer has a vBulletin license.

