Get an e-mail if someone is trying to access your Admin CP (With IP address)

Here's my version:

In sessions.php find this code:

Code:

    if (md5($loginpassword)!=$bbuserinfo[password]) {

right below it, add this code:

Code:

			$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
			$iphostname = @gethostbyaddr($ipaddress);
			$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
			mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

You will get a message:

Quote:

Someone is trying to login using your admin account!

Username he tried to use: xxx
Password he tried to use: xxx (xxxxxxxxxxxxxxxxxxxx in encryption)

The IP address is: xx.xx.xx.xx

every time someone is trying to login to the admin cp with no success.

Have fun.

[BlackTiger]

YES! It's working again in 2.3.0 final. But maybe some feature can be added. I will state it below
I did it like this:

Under this line:
if (md5($loginpassword)!=$bbuserinfo[password]) {

add:
$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("R EMOTE_ADDR"),$HTTP_HOST);
$iphostname = @gethostbyaddr($ipaddress);
$message="Someone is trying to login using your admin account!\n\nUsername he tried to use: $loginusername\nPassword he tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname";
mail($webmasteremail,"Warning: vBulletin Admin Login Tried",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");

It works in 2.3.0 final, but only when the username of the admin is used.
So if you don't have the username Administrator as admin, you won't get any mail if somebody is trying to login as Administrator.
If you username is Joe and you are admin, and somebody is trying to login as Joe, you -will- get an email.

Feature:
A nice feature would be if could be detected if *anybody* is trying to login to the Admin cp no matter which username he is trying, so you will also get an email if somebody is trying to login as Administrator in your admin cp, even if the user "Administrator" does not exist.

[legendarysk8er]

Nice hack FireFly.

/me clicks install.

[Salazar]

Nice Hack, Chen! :classic:

[high]* Salazar clicked install already [/high]

[GsxrTony]

[QUOTE]06-08-03 at 01:02 PM BlackTiger said this in Post #230
Thank you for the tip, but unfortunately that does not work, i just tried. I also think the mail command is send to the server and the server would not understand vbmail as command, or maybe it should be $vbmail then?

Would be nice if Firefly would have a look into this. It's a great hack and I really would like to continue to use it in 2.3.0 beside my .htaccess security, double security is always more safe.

Maybe I could also use the updated version with more info but I need a version then which is tested and working on 2.3.0 too.

[Danielo]

i have installed it

[kalle]

vieln dank
diesen hack habe ich gesucht
gute arbeit
thx

[BrAinZ]

Just testing this... looks good.. THANKS !

[PurpleCow]

I'd like to use this hack, if its working on stable release of vB 2.3.0 ??

thanks

[xlguy]

Yes this hack works fine, I just followed the instructions in the very first post.

I'm on 2.3.3 here

*Clicks install!

[Mu5icMan]

is it possaible to mods this a little to alert the webmaster of all invalid attemps not just admin cp