PDA

View Full Version : Protect Admin CP, But Allow Others Access...


Chris M
08 Sep 2002, 19:35
The "installation.txt" file explains most of the stuff you will need to know, and there are 3 posts :

Post 1 - installation.txt attached
Post 2 - hellsatan.php attached
Post 3 - screenshot

You may edit "hellsatan.php" if you wish, and change the code around, but it is not necessary. It is purely the presence of the file that is the important bit:)

The installation.txt file contains all the Support Information, and the explaination of what this hack does:)

Approx Installation Time : 1 minute
Files to edit : 1 (admin/global.php)
Files to upload : 1 (admin/hellsatan.php)

Satan

Chris M
08 Sep 2002, 19:35
The hellsatan.php file...

Satan

Chris M
08 Sep 2002, 19:36
The screenshot...

Satan

Velocd
08 Sep 2002, 20:12
You're really into hacks that secure the Admin cp Hellsatan :)
If you just use web protect, use large passwords, and don't allow people access to your Admin CP unless they are VERY trustworthy..then you should never have any problems :D

Eitherway, good job. ;)

NTLDR
08 Sep 2002, 20:30
I have a nice .htaccess block :D But hacks that secure the Admin CP are definatly worth while ;)

Chris M
08 Sep 2002, 20:54
@Velo - I have a 14 digit password, .htaccess, this, another code, coded template.php, style.php, forum.php and user.php to only allow me to perform certain functions, and some other stuff:D

I am security paranoid;):D

@NTLDR - I totally agree;)

Satan

NTLDR
08 Sep 2002, 21:28
Wow, thats one protected ACP there hellsatan :D

DrkFusion
08 Sep 2002, 21:36
Yea tell me about it lol...I had to get passed that htaccess for 2 weeks while he was on holiday.

My admin page consists of only a script that I made similar to this, that I use when I am away or off somewhere, it logs ips, and gives warnings and so on.

I am a ip addict, ;) you might of noticed from my previous modification. My ip shiz and hellsatans hate of admin access makes a good mix lol. Thats how I made my admin thing.

Ian
09 Sep 2002, 01:16
So, what exactly does thia hack do?

scsa20
09 Sep 2002, 08:16
what it basicly does is that it's lock you out of the admin cp if it detancts that file, thusk making you to delete the file... just like when you first install vB and it tells you to delete install.php before it lets you in.

Chris M
09 Sep 2002, 17:43
Ah...But scsa forgot to mention that this is a clever little doody:)

This little thingy looks to see what userid you are trying to access it with;)

If you are userid 1 (what it is set to as standard), and you upload the hellsatan.php file, ONLY your admin account cannot access the Control Panel...Ideal if you have more than one admin;)

Satan

Vivi Ornitier
09 Sep 2002, 19:28
I just use a if($bbuserinfo[userid]!=1) { show_nopermisssion(); } in sessions.php

Chris M
10 Sep 2002, 17:21
It has the same effect:)

The only thing about hard-coding it (as such) to not allow userid 1, is that you either have to re-upload a sessions.php file that doesnt have that in to access it, or edit the current one and remove it...This you just rename or delete the file, then upload a new one / rename the one you renamed when you are finished:)

Satan

huuthangn
15 Sep 2002, 14:11
Please tell me which URL to down load all hacks for vbulletin v226, I've just come here, I don't know much.
Thanks for all your help.

email: nbikc@yahoo.com

Chris M
15 Sep 2002, 14:43
http://www.vbulletin.org/hacks/index.php?s=&action=showcat&catid=-1&sortfield=vbversion&sortorder=desc&x=3&y=8

Try the hacks database;)

Just search for hacks via the vB version, and then click on the vB 2.2.6 hacks that you like:)

Satan

Sengir
12 Oct 2002, 14:45
Ok.. great idea.. Here's an idea for a hack that includes the Lesser Admin hack.

Let's say you have this hack and that you download this file allowing only you full AdminCP.

Then you can delegate between other Groups so that they download a different file allowing them access to each group's custom CP. So if I want one lesser admin group to see a CP with only changing a member to a specific group or two, and maybe change the sig.. Then another lesser admin group could only add/modify/delete styles... Is this practically possible to create?

Though, actually.. I am not sure I would use this hack. Mainly because I edit the admincp alot from work.

Maybe though if the hack was created like I just described I could create a custom remoteadmincp..

Also, another idea/suggestion.. A custom cp permissions page would be a great addon. So that you can choose what permissions each custom cp has.. (like groups)

Chris M
12 Oct 2002, 15:08
Hmmm...

Lets see...

It is possible to create a second and third and fourth Control Panel - You would really need to follow the instructions in the Lesser Admin CP hack, and take out the files you dont want them to be able to edit, and then ask if there is any code that you want to implement :

i.e. Styles CP - yourdomain.com/forum/stylecp/
"I want the user to be able to edit, but not delete the styles"...

That kind of thing...

As for the custom cp permissions...Sounds like a great idea!...I shall look into it:D

Satan

Sengir
12 Oct 2002, 22:42
Sweet :)