Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
AdminCP Firewall ~ Protect your AdminCP! Details »
AdminCP Firewall ~ Protect your AdminCP!
Mod Version: 1.3.3, by liamwli (Coder) liamwli is offline
Developer Last Online: Dec 2019 I like it Show Printable Version Email this Page

vB Version: 4.x.x Rating: (21 votes - 5.00 average) Installs: 101
Released: 21 Mar 2013 Last Update: 05 Apr 2013 Downloads: 623
Not Supported Uses Plugins Re-usable Code Translations  

This is a mod I made to increase the security of your forum!

It has the following features:
  • Email alert when an Admin logs into the CP
  • IP Checking for Admins
  • E-Mail if the IP isn't whitelisted
  • Block user access to the AdminCP if the IP isn't whitelisted
  • E-Mail if someone fails an AdminCP login
Those features will allow you to secure your AdminCP - and the only upload required is the product file!

So, what are you waiting for? Install now

Update History
Version 1.3.3:
PHP error should be fixed

Version 1.3.2:
Fixed - PHP error message when logging into AdminCP
Branding Removed

Version 1.3.1:
Fixed - text would be displayed on login failure page if failure email turned off or not from admincp

Version 1.3:
Added - Ability to have an email sent when someone fails an admincp login.
Added - Branding. Sorry! Any donation of 2.50 or more will allow you to remove it

Version 1.2:
Added - Ability to specify IP's as CIDR ranges
Added - Ability to set both IP email and IP deny
Added - IP email will now tell you if any forum members registered using the unauthorized IP
Changed - Updated Admin Help Pages

Version 1.1:
Added - Ability to specify multiple email addresses
Added - Help entries for the admin options
Changed - IP's are separated with a line break now, not a comma.

Mark as Installed if Installed and Nominate for MOTM if you think this mod deserves it!

-----------

Donating

I kindly accept donations for my work. Donating will allow you to remove the branding. You can donate via paypal using the link on the right, or using bitcoin. Please PM me if you wish to donate using bitcoin.

This modification is free to modify and distribute with attribution. I no longer own a vBulletin license.

Download Now

Only licensed members can download files, Click Here for more information.

Screenshots

Click image for larger version

Name:	cpfirewall_settings.jpg
Views:	1196
Size:	92.8 KB
ID:	144258  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Protect AdminCP while Away and Log Ip Address DrkFusion vBulletin 2.x Full Releases 13 25 Jan 2003 15:08

  #61  
Old 19 Apr 2013, 11:56
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Originally Posted by djbaxter View Post
Using email notification only at the moment:
  • requires me to enter an IP address even though I've not enabled Ip monitoring or filtering
  • works as expected if the admincp folder is not renamed
  • does not trigger an email on one forum where the admincp forum IS renamed to something else (e.g., new_admin)
Originally Posted by liamwli View Post
Did you change the field marked admincp directory, found in the options?
Originally Posted by djbaxter View Post
Yes, of course. It has the correct folder name there, no leading or trailing slashes, just like with the other forums. And the new folder is in the root of the forum directory, just as the admincp folders are.
I checked the setting in the vBulletin Email Options and found an incorrect setting in the one that wasn't working (the one with the renamed admincp). Specifically the "Enable '-f' Parameter" was set to YES on that one forum. I turned it off and the email notifications of admincp logins are now working correctly.
Reply With Quote
  #62  
Old 19 Apr 2013, 12:31
MahdyE23 MahdyE23 is offline
 
Join Date: Apr 2013
This is actually a very amazing mod, thank you for this!
Reply With Quote
  #63  
Old 19 Apr 2013, 13:48
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Originally Posted by MahdyE23 View Post
This is actually a very amazing mod, thank you for this!
It's certainly timely. See

http://www.vbseo.com/f255/summary-fi...t-issue-55099/

http://www.vbseo.com/f255/filestore-...r-forum-55368/

http://club.myce.com/f20/vbulletin-m...e-them-332219/

http://www.vbseo.com/f255/url123-red...its-end-54125/

The best guess at the moment is that malware is being used to harvest admincp passwords giving the malware network access to your admincp, which is then used to alter certain plugins to redirect your traffic (or do whatever else they want to do to your site for that matter).

There are several things noted in the first two threads that forum owners should be doing to secure their forums and their servers. This add-on provides an extra layer of protection or at least notification if someone does gain access.
Reply With Quote
  #64  
Old 23 Apr 2013, 16:50
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Suggestion regarding awkward wording in notifications:

Change line 502 to read:


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Reply With Quote
  #65  
Old 28 Apr 2013, 21:28
elitecarders elitecarders is offline
 
Join Date: Nov 2012

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

i got this error after installing my ip nothing changed everything was fine
Reply With Quote
  #66  
Old 15 Jul 2013, 01:57
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Email this evening from this mod:

Hi,

northernangel logged into the AdminCP from IP address 209.105.205.53.

AdminCP Firewall
northernangel is a valid membername from a member who had not logged in for a long time. The member was not ad admin or moderator. The records show that member did log in to her account about the time the email was generated but it was from a different IP address and a different country than the one on record. There is no indication in the logs of any entry into the admincp from that member or indeed any member other than the two admins.

How is this possible? Is this a false positive?

I have changed the password for that member, banned the member at the forum level, and banned the IP at the server level to be safe. But should there not be a log entry if there indeed was a breach?

By the way, in order to gain access to the AdminCP, two passwords are required.
Reply With Quote
  #67  
Old 15 Jul 2013, 11:23
DemOnstar's Avatar
DemOnstar DemOnstar is offline
 
Join Date: Dec 2012
Installed on Localhost so can't test just yet but security may well be a concern so thank you for your work...
Reply With Quote
  #68  
Old 16 Jul 2013, 14:45
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Originally Posted by djbaxter View Post
Email this evening from this mod:



northernangel is a valid membername from a member who had not logged in for a long time. The member was not ad admin or moderator. The records show that member did log in to her account about the time the email was generated but it was from a different IP address and a different country than the one on record. There is no indication in the logs of any entry into the admincp from that member or indeed any member other than the two admins.

How is this possible? Is this a false positive?

I have changed the password for that member, banned the member at the forum level, and banned the IP at the server level to be safe. But should there not be a log entry if there indeed was a breach?

By the way, in order to gain access to the AdminCP, two passwords are required.
I figured part of this out because it happened with another forum member today while I was actually online. That member in who's online was shown as viewing a "no permissions" error message, meaning they didn't actually get access to the admincp and that's why there was no log entry.

However, you might want to look more closely at what tirggers the email notification of a breach.
Reply With Quote
  #69  
Old 29 Jul 2013, 22:21
MahdyE23 MahdyE23 is offline
 
Join Date: Apr 2013
My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?
Reply With Quote
  #70  
Old 30 Jul 2013, 03:22
Disco_Stu's Avatar
Disco_Stu Disco_Stu is offline
 
Join Date: Apr 2012
I would be careful installing a mod that could potentially lock you out of your own ACP. I would think your htaccess security should be sufficient in keeping someone from accessing your ACP.

I experimented with another mod (not this mod) that did not install completely. The result was that I could not access my ACP and I had to completely restore my entire site.

I see that the author no longer has a vBulletin license.
Reply With Quote
  #71  
Old 30 Jul 2013, 03:23
Disco_Stu's Avatar
Disco_Stu Disco_Stu is offline
 
Join Date: Apr 2012
Originally Posted by MahdyE23 View Post
My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?
Does it work if you add the code to the top of your config file after <?php
Reply With Quote
  #72  
Old 08 Aug 2013, 21:51
eyestrain eyestrain is offline
 
Join Date: Aug 2008
A very nice mod.
Also nominated as the mod of the month.

thank you
Reply With Quote
  #73  
Old 08 Aug 2013, 22:30
synseal's Avatar
synseal synseal is offline
 
Join Date: Apr 2009
Real name: Ben Dover.
Originally Posted by MahdyE23 View Post
My IP changed and now I cannot access my ACP. I tried adding that code at the end of the config.php, but it did nothing. Please help me?
Open your /includes/config.php and add

PHP Code:


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Directly below

PHP Code:
<?php
__________________
Tech forum.
Reply With Quote
  #74  
Old 13 Aug 2013, 23:38
Bubble #5 Bubble #5 is offline
 
Join Date: Apr 2005
Question

Love the idea of this hack but what can I do if my router ever has problems, or I have to reset it and I lose the exact IP? How would I log in then?
__________________
If we don't help each other when we can, then we're not making this world a better place.
Reply With Quote
  #75  
Old 03 Sep 2013, 04:22
RichieBoy67's Avatar
RichieBoy67 RichieBoy67 is offline
 
Join Date: Apr 2004
Real name: Richie
You could simply go into your config file and disallow plug ins. Then log into the admincp and disable.. Bam..


addenum - Disable your plug ins by adding


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

To your config php file
__________________

Let us take care of your forum, seo, seo reports, maintenance, what ever you need.


Last edited by RichieBoy67; 03 Sep 2013 at 06:15.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 17:21.

Layout Options | Width: Wide Color: