htaccess Protection for admincp & any dir

this is a very simple hack
its only main function is to add htaccess protection for any dir by adding some small lines in the begining of Dir's index

our application will be on admincp's index (index.php)

Description: This hack will add htaccess protection to any folder by adding small lines in its index.php file & the user name & password for this protection is determined by two varables in the same file & if the data entered was wrong, the page will give a black background with a title (Unauthorized) & a content says (Enter Here Only) when clicking it, it will direct to forum's root (index.php by default), this means douple security (likes Look THIS.

Please Note: The Default User Name & Paaaword for entering through this Protection Is (User: 123 / Pass: 321) See the last two line to know how to change this values

installation:
open the file index.php present in the dir admincp & search for the following code:

PHP Code:

|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/ 


& put under it the following code:

PHP Code:

$index['public'] = $index['public'];
$phpkd['username'] = "123";    // Here Is the User Name
$phpkd['password'] = "321";    // Here Is The htaccess Password

if(!$index['public']){
if($_SERVER['PHP_AUTH_USER'] != $phpkd['username'] || $_SERVER['PHP_AUTH_PW'] != $phpkd['password']){
Header("WWW-Authenticate: Basic realm=\"Highly Secured\"");
Header("HTTP/1.0 401 Unauthorized");echo "<head><title>Unauthorized</title></head><body bgcolor='#000000'><center><br>
<a href=\"../index.php\" style=\"text-decoration: none\" target=\"_blank\">
<font face=\"MS Sans Serif\" color=\"#FFFFFF\" size=\"8\"><b><br>Enter Here Only<br></b></a></body></html>";exit;}} 


Note 1: change the values of the two variables $phpkd['username'] / $phpkd['password'] to the username & password needed & note not to change this $index['public'] = $index['public'];

Note 2: This Protection Gives the authority for entering to onnly the username & passord defined in the file (above modification) & after passing through this htaccess protection you will find the Normal vbulletin admincp login screen & then you can go with the normal admin data recorded in the forum itself.

Hope I have explained enough for beginners.

[JsnakeJ]

Nice work, isn't the admincp already protected enough though?

[Hornstar]

You can never protect your forum enough. Very nice work and this will be getting used by me. Thanks

[Logikos]

Quote:

Originally Posted by JsnakeJ

Nice work, isn't the admincp already protected enough though?

Apperentally vBulletin Developers don't think so

http://www.vbulletin.com/forum/admincp

[FleaBag]

Looks like they do now!

[evenmonkeys]

I used to as well. I don't anymore because it's annoying. =P

[Blackbeard]

this is great m8 well done, could this be changed to add to say a forum on our site, where different usergroup needs access to a forum

[IrPr]

i don't no why, but doesnt work for me on 3.5.3

[Sooner95]

you can do this via your Cpanel's too..

And, yes can never have enuff.

[Omranic]

This is for extra protection

Blackbeard ===> Till now I can't find any way to get data from database
but i'm searching & trying for that

Moosa ===> It must work fine coz it doesn't depend on the vbulletin code, its Related to PHP Language as general, so u must follow my steps carefully & u will get it right.