Get an e-mail if someone is trying to access your Admin CP (With IP address)

Here's my version:

In sessions.php find this code:

Code:

    if (md5($loginpassword)!=$bbuserinfo[password]) {

right below it, add this code:

Code:

			$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
			$iphostname = @gethostbyaddr($ipaddress);
			$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
			mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

You will get a message:

Quote:

Someone is trying to login using your admin account!

Username he tried to use: xxx
Password he tried to use: xxx (xxxxxxxxxxxxxxxxxxxx in encryption)

The IP address is: xx.xx.xx.xx

every time someone is trying to login to the admin cp with no success.

Have fun.

[Renegade]

Very useful hack, but what if I wanted an email to also go to my Super Moderators as well?

[Greystang302]

[QUOTE]Originally posted by Boofo
Where can I get that version? I can't seem to find it here. :surprised:

[Boofo]

But with all of the code in this thread, what is the final best working version? I am on a Linux server if that changes anything.

[QUOTE]Originally posted by Greystang302

You can find it on a previous page within this thread.

[Erwin]

Use this one without any modifications - it works.

Post #108

https://vborg.vbsupport.ru/showthrea...079#post232079

[curley]

Sorry but 11 pages...does anyoen know where the final version is?

Erwin, is it in the entire post by 'Mutt' per your link above?

Thanks all!

j

[Erwin]

Yes - put his code into the 2 files he suggests.

[Boofo]

I'm getting 3 emails with this code. The first one shows no username bit gives me a code in the password line, the second shows all of the info and the third shows all of the info plus an extra sessions name line. Any ideas why this is happening?

[QUOTE]Originally posted by Mutt
[B]firefly, I've added alittle to your hack

Here's the chunk of code that needs to be added to 2 files

PHP Code:

            // email alert
            $ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
            $iphostname = @gethostbyaddr($ipaddress);
            if ($HTTP_COOKIE_VARS['bbuserid']) {
                $realuserid = $HTTP_COOKIE_VARS['bbuserid'];
                $realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$realuserid'");
                $MessageAddon .= "\nThier cookie identifys them as ".addslashes($realusername[username]."\n");
            }
            if ($sessionids=$DB_site->query("SELECT userid FROM session WHERE host='$ipaddress' AND userid>0 GROUP BY userid")) {
                while ($sessionid = $DB_site->fetch_array($sessionids)) {
                    $realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$sessionid[userid]'");
                    $MessageAddon .= "\nSessions identifys them as ".addslashes($realusername[username]);
                }
            }
            $message="Someone is trying to login to the $bbtitle control panel!\nThe Script was : $PHP_SELF\n\nUsername they tried to use: $loginusername\nPassword they tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname\n\nSearch for members using this ip\n $bburl/admin/user.php?action=doips&s=&ipaddress=$ipaddress\n$MessageAddon";
            mail($webmasteremail,"Warning: vBulletin Admin Login Attempted",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");
            // email alert 


[mashby]

Piece of cake to install and a super cool hack. Thanks Firefly!

[Gaz.t]

Thank you very MUCH

[Greystang302]

Anybody using this with version 2.2.7? I am getting ready to upgrade, and checking to see if all of my hacks are working successfully with the newest version. Thanks!