Version: 1.3.3, by liamwli
Developer Last Online: Dec 2019
Category: Administrative and Maintenance Tools -
Version: 4.x.x
Rating:
Released: 03-20-2013
Last Update: 04-04-2013
Installs: 103
Uses Plugins
Re-useable Code Translations
No support by the author.
This is a mod I made to increase the security of your forum!
It has the following features:
Email alert when an Admin logs into the CP
IP Checking for Admins
E-Mail if the IP isn't whitelisted
Block user access to the AdminCP if the IP isn't whitelisted
E-Mail if someone fails an AdminCP login
Those features will allow you to secure your AdminCP - and the only upload required is the product file!
So, what are you waiting for? Install now
Update History
Version 1.3.3:
PHP error should be fixed
Version 1.3.2:
Fixed - PHP error message when logging into AdminCP
Branding Removed
Version 1.3.1:
Fixed - text would be displayed on login failure page if failure email turned off or not from admincp
Version 1.3:
Added - Ability to have an email sent when someone fails an admincp login.
Added - Branding. Sorry! Any donation of ?2.50 or more will allow you to remove it
Version 1.2:
Added - Ability to specify IP's as CIDR ranges
Added - Ability to set both IP email and IP deny
Added - IP email will now tell you if any forum members registered using the unauthorized IP
Changed - Updated Admin Help Pages
Version 1.1:
Added - Ability to specify multiple email addresses
Added - Help entries for the admin options
Changed - IP's are separated with a line break now, not a comma.
Mark as Installed if Installed and Nominate for MOTM if you think this mod deserves it!
-----------
Donating
I kindly accept donations for my work. Donating will allow you to remove the branding. You can donate via paypal using the link on the right, or using bitcoin. Please PM me if you wish to donate using bitcoin.
This modification is free to modify and distribute with attribution. I no longer own a vBulletin license.
Just adding the genereric disable hooks define to your config.php would also allow you back in.
PHP Code:
// Disable Hooks define('DISABLE_HOOKS',true);
I did just that...
There is however a slim, coincidental hole with this idea as it will disable all the spam stuff, the protection stuff and everything else for the brief period where one has to do the changes in config.php and then gain access again to add another IP..
There is a vulnerability here... I like the password idea.
Just adding the generic disable hooks define to your config.php would also allow you back in.
PHP Code:
// Disable Hooks define('DISABLE_HOOKS',true);
Quote:
Originally Posted by ozzy47
Paul, If I understand this mod correctly, it does not use hooks, it can not be disabled that way.
So the way to disable it is the way I said in post #83 and as theOP described in post #2
I just added both to my config.php and left them commented out..
In that case, when the inevitable day comes where I have to use them, I know they are there...
I guess next I have to protect the includes folder..
There is a vulnerability here... I like the password idea.
At a minimum it should have a password, but after thinking about it I'd prefer if the admin could fill out their own security question in the ACP, and then answer it. There are scripts that can guess passwords, but who's going to know the answer to your own security question but you?
At a minimum it should have a password, but after thinking about it I'd prefer if the admin could fill out their own security question in the ACP, and then answer it. There are scripts that can guess passwords, but who's going to know the answer to your own security question but you?
AdminCP Firewall ~ Protect your AdminCP! Details »»
About Developer
Uses Plugins 
No support by the author.
09-18-2013, 10:44 AM
