Get an e-mail if someone is trying to access your Admin CP (With IP address)

Here's my version:

In sessions.php find this code:

Code:

    if (md5($loginpassword)!=$bbuserinfo[password]) {

right below it, add this code:

Code:

			$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
			$iphostname = @gethostbyaddr($ipaddress);
			$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
			mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

You will get a message:

Quote:

Someone is trying to login using your admin account!

Username he tried to use: xxx
Password he tried to use: xxx (xxxxxxxxxxxxxxxxxxxx in encryption)

The IP address is: xx.xx.xx.xx

every time someone is trying to login to the admin cp with no success.

Have fun.

[deepdark]

if (isset($loginusername) and isset($loginpassword)) {
if ($bbuserinfo=$DB_site->query_first("SELECT user.*,userfield.* FROM user LEFT JOIN userfield ON userfield.userid=user.userid WHERE user.username='".addslashes(htmlspecialchars($logi nusername))."'")) {
if (md5($loginpassword)!=$bbuserinfo[password]) {
$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("R EMOTE_ADDR"),$HTTP_HOST);
$iphostname = @gethostbyaddr($ipaddress);
$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

[Doubledoom]

works fine on 2.3.0 final for me.

[Jujimufu]

Great Hack, love it =]

[padblaz]

thanks for this hack
i've got a suggestion:
it would be great if you can receive this message via icq/msn/aim/etc.

[gmarik]

Chen, the same thing on 2.3 - fix-it, please!

[Christine]

This is working as written in my 2.3.0-final upgrade.

I LOVE this hack.

[leon2u]

I have upgraded to version 2.3.0 and used this code (see attachment). Is this code still correct or do I need an updated code? At this moment Vbulletin is not sending me a breakin message :ermm:

Please help...

[BlackTiger]

Well i tried the first post of Firefly on the final 2.3.0 and it is not sending any mail to me.
Does anyone have the plain original Firefly version working on 2.3.0? I do not need the version with host lookups and all, knowing the stuff that's in FF's original hack is enough for me.
Please help.

[Koutaru]

people using 2.3 change "mail" to "vbmail", I think that may help. However, I haven't tested the hack so :dead:

[BlackTiger]

Thank you for the tip, but unfortunately that does not work, i just tried. I also think the mail command is send to the server and the server would not understand vbmail as command, or maybe it should be $vbmail then?

Would be nice if Firefly would have a look into this. It's a great hack and I really would like to continue to use it in 2.3.0 beside my .htaccess security, double security is always more safe.

Maybe I could also use the updated version with more info but I need a version then which is tested and working on 2.3.0 too.