vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.5 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=113)
-   -   Security: Admin IP Address Log and Compare (https://vborg.vbsupport.ru/showthread.php?t=119100)

Xenium 06-19-2006 10:00 PM
Security: Admin IP Address Log and Compare
 
This product will add a security feature into your admincp. When you log into your admin account, your IP address will be logged. On the main admincp index page your current IP address along with the previously logged IP will be shown plus a compare status. This will allow you to check if anyone else has been logging into your account without you knowing, and therefore take the necessary precautions to avoid it happening again.

There is purposly no pruning feature inbuilt, to avoid the possiblity of an unauthorised user taking advantage of it. Of course if your config settings allow you to execute DB queries within your admincp, then unauthorised users could modify the logged ips. I suggest you turn it off by editing includes/config.php and making sure the setting below has no userid's
PHP Code:
$config['SpecialUsers']['canrunqueries'] = ''
You can install a seperate script to run queries eg "phpmyadmin"

Stats

Installation Time: 1 Minute
Added Queries: 1 on specified admin login, 1 on admincp homepage
One Off Queries: 1 on installation, 1 on uninstallation
Added DB Tables: 1
Added Phrases: 5
Added Settings: 1

Installation Instructions
  1. Simply upload the product
  2. Modify "Admin IP Address Checker Box" Setting in vBulletin Options
  3. Click Install

To-Do List

Add Multiple admin support
Add dynamic IP support
Add IP Exceptions list


Screenshots are below

projectego 06-20-2006 03:11 AM
Nice idea. :)

Rickie3 06-20-2006 06:15 AM
great idea cheers *installed*

hotwheels 06-20-2006 12:29 PM
schweet........

hotwheels 06-20-2006 02:04 PM
It locked me out of my site......Can you please post or pm me the mysql database code? I tried to remove the admin_ip_checker and i can't get into my site still.
Quote:
Database error in vBulletin 3.5.4:

Invalid SQL:

INSERT INTO vb3admin_ip_checker
(id, ipaddress)
VALUES ('', '69.146.155.79');;

MySQL Error : Table 'hotwheel_forums.vb3admin_ip_checker' doesn't exist
Error Number : 1146
Date : Tuesday, June 20th 2006 @ 11:01:37 AM
Script : http://www.insanemustangs.com/forums/login.php
Referrer : http://www.insanemustangs.com/
IP Address : ********
Username : *******
Classname : vb_database

hotwheels 06-20-2006 02:39 PM
I found it in the xml file............thanks

Xenium 06-20-2006 03:48 PM
Quote:
Originally Posted by hotwheels
I found it in the xml file............thanks

Glad that you got it sorted out :) Odd that it didnt add the table on installation of the product though.

hotwheels 06-20-2006 05:03 PM
when it wrote the table for my site, it wrote
Quote:
admin_ip_checker
instead of
Quote:
vb3admin_ip_checker
so i just took
Quote:
CREATE TABLE `admin_ip_checker` (
`id` INT( 15 ) NOT NULL AUTO_INCREMENT ,
`ipaddress` VARCHAR( 15 ) NOT NULL ,
INDEX ( `id` )
) TYPE = MYISAM
and changed it too
Quote:
CREATE TABLE `vb3admin_ip_checker` (
`id` INT( 15 ) NOT NULL AUTO_INCREMENT ,
`ipaddress` VARCHAR( 15 ) NOT NULL ,
INDEX ( `id` )
) TYPE = MYISAM
Work's perfectly now..........I think it is just the way mysql is set up.......

Xenium 06-20-2006 05:54 PM
Quote:
Originally Posted by hotwheels
Work's perfectly now..........I think it is just the way mysql is set up.......
Nope. It's my fault. I forgot to add table prefix to the install and uninstall code. I've updated the file now. :)

Change your uninstall code to the following.

PHP Code:
$db->query_write("DROP TABLE " TABLE_PREFIX "admin_ip_checker"); 
That will avoid any problems when you want to uninstall the product. Or you could change the name of the table you created in phpmyadmin to admin_ip_checker, then uninstall the product and reinstall the updated file.

hotwheels 06-21-2006 06:58 PM
Thanks, i appreciate the update.........

Xenium 06-22-2006 12:53 AM
Quote:
Originally Posted by hotwheels
Thanks, i appreciate the update.........
No Problem :)

Xenium 06-22-2006 12:54 AM
Quote:
Originally Posted by Caravan
Didn't work for me.

No matter what it never showed an IP address.
Well if you installed the product, the panel should show up in the admincp home page. You will need to log in and out of the admincp, then the logged IP address will show up.

oberheimhaven 06-24-2006 12:18 AM
BAM!! I knew it soon as I signed in it stated not same IP address thanks mate great hack Installed 3.5.4 no problem any suggestions on next step besides me changing my P word

XFSImperial 06-24-2006 01:40 AM
If I add additional userids to the options section, can this feature be extended to my other administrators?

Xenium 06-24-2006 02:07 AM
Quote:
Originally Posted by oberheimhaven
BAM!! I knew it soon as I signed in it stated not same IP address thanks mate great hack Installed 3.5.4 no problem any suggestions on next step besides me changing my P word
Well that's not entirely true. You need to log out then back in again once in order for it to log your ip address. At the beginning itwill always say that IP's don't match because it hasnt logged an IP fom you yet.

Xenium 06-24-2006 02:09 AM
Quote:
Originally Posted by XFSImperial
If I add additional userids to the options section, can this feature be extended to my other administrators?
I could extend it to work work with multiple admins. I might add this functionality at a later date.

Shazz 06-25-2006 12:06 AM
Quote:
Originally Posted by Xenium
I could extend it to work work with multiple admins. I might add this functionality at a later date.
please do! :D
________
BMW M47 history

Xenium 07-12-2006 12:47 PM
Quote:
Originally Posted by Mike-D
Hmm I have the same problem while I'm Online on my board. But I do not have the problem when I use your Hack on my TestvB 'Local'. Kinda strange, right? Well, I did it several times: Login...LogOut...Login...Logout. Then I wait some min's and I restart it. I get always the same result and message, that my IP address does not match. Do you know what's wrong? Thank you for your time ;). You did a great job with your hack. I love it really ;) -Mike

Try to log in and out a couple of times. If you still have the same problem, then look at the admin_ip_checker table in something like phpmyadmin and PM me a list of the entries.

Xenium

Luke Brown256 07-26-2006 09:27 PM
Hi was just wondering if this could be extended for all admins, that way it provides extra security
are there any plans to do so at a later date?

Xenium 07-28-2006 11:29 PM
Quote:
Originally Posted by Luke Brown256
Hi was just wondering if this could be extended for all admins, that way it provides extra security
are there any plans to do so at a later date?
I will work on this very soon.

Watched 07-30-2006 03:43 AM
i have to agree, the option to add multiple admins would be GREATLY appreciated.

Watched 10-12-2006 12:38 PM
it seems this one is getting updated anytime soon :(

wengi 10-12-2006 01:31 PM
Very nice hack m8 ... but as already stated it would be better if set for multiple admins. Thnks again.

Regards
Wengi


All times are GMT. The time now is 04:59 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01223 seconds
  • Memory Usage 1,773KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (14)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (23)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete