The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
|
|||
|
|||
securing admin cp
i got some security problems last time
i saw in the logs that some ips tried constantly to access my admin cp and it wasnt my or any other admins ip so i tested the one mail-by-wrong-login hack by firefly, and hm ok i saw now, that someone try to bruteforce admin accounts passwords. i blocked the ip on the server then and what happened some hours later? ip changed and same thing again :/ ok im not totaly-stupid and tried to code a hack to automaticaly ban this users from the admin/index.phpm but everytime i screwed up something. one try i was banned after 3 visits, other try i even cant login :/ woulrd be nice if someone can take this 10 mins and code a secure hack for this, im sure its usefull for more some more users here required features: -automaticaly banned after x (3 or 5 or so) failed logins attempts to admin cp AND failed logins into normal board -if possible, banned from every script, if not, banned from index.php and admin/index.php -banned ips stored in sql database (to clean them out, if needed) -auto-unbanning after x hours (6,12,24 or so) would-be-nice-but-not-absolutely-needed features: -accessible in admin cp (manuel-banning and manuel-unbanning) -email-report (ip, tried passes, time and link to search on board for ip) (+perhaps to more as 1 email) -report stored in sql databse and visible on admin cp thanks for reading and hopefully helping me --Rehtsel-- |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|