Email notification if someone attempts to access your Admin CP
Mod Version: 1.1, by EvilLS1
This modification is in the archives.
| vB Version: 3.0.5 | Rating:  (2 votes - 4.50 average) |
Installs: 239 |
| Released: 29 Apr 2004 | Last Update: 08 Jan 2005 | Downloads: 43 |
 Not Supported
|
||
This is my version of the hack that Firefly released for VB2.
VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!
What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.
It will look something like this:
If the person who is attempting to access your CP happens to be registered & logged in, this line will also be included in the email:
(Thanks to AlexanderT for the idea for this addon.)
Update (1-4-05): A couple of users have expressed concern about this mod sending a plaintext password over http for all logins. This update (v1.1) addresses that concern by only sending the password for cplogins. To update just re-do the first step in the instructions for your vbulletin version (the first edit to adminfunctions.php). Or if you'd prefer that the attempted password not be sent at all simply skip the edits to adminfunctions.php.
If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work"..
Still not working? Read this!
If for some reason you don't get a warning email when testing this hack please carefully read through the checklist below..
1) Log into your Admin CP and click "vbulletin options". From the list click on "Site Name / URL / Contact Details".
Scroll down to where it says "Webmaster's Email" (not Contact Us Link). Make sure that you have entered a valid email address there.
2) In your Admin CP under "Import & Maintenance" click Diagnostics.
In the email testing area enter the same email address that you have as your webmaster's email. Run the email test to verify that your vbulletin email is working properly. If it is, you should recieve an email after running the test.
3) If you're using vB 3.0.1 or earlier make sure that you added the last bit of code from the instructions in two seperate places. Open your edited login.php file and search for this:
Once you've found the first instance of that code, search for the same code again. You should find it twice.
4) This hack has been tested on vBulletin 3.0.1 - 3.0.5. If you're using a different version, open your register.php file and search for "vbmail" (without the quotes).. This is to make sure that the vbmail() function has the same name in your version.
5) Re-apply the file edits to login.php making sure that you follow the instructions carefully.
6) If you're using any kind of spam guard for your emails that blocks junk mail, turn it off (temporarily).
7) Now lets test it again. Close your browser and re-open it again. Go to your forum and click "logout". While still logged out go to yoursite.com/forums/admincp/ and then hit the "refresh" button on your browser. Type in an incorrect password and hit submit.
Now lets test it again while you are logged into the forum but not the admincp. Close your browser & reopen it again. Go to your forums and login with the correct info. Then go back to /forums/admincp/ and your username should already be listed. Type in an incorrect password and hit submit.
Wait 15-25 minutes before checking your email this time (sometimes it takes a while for the mail to be delivered).
Keep in mind, you only get an email when someone tries to login to your admincp or modcp... This has no effect on any of the regular login forms.
If you've carefully checked everything in the list above and it still doesn't work for you then it could be conflicting with another hack that you've installed. Other than that, I have no idea.
Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it.
VB3's standard log of failed admincp login attempts is a nice feature.. but since you get no instant notification, by the time you check the log it could be too late. Also, the log doesn't show which passwords the potential intruder is trying... If someone is close to guessing my password I wanna know about it!
What does it do? With this hack, when someone tries to login to your admincp or modcp you'll get an email that contains the username they tried, the password they tried, their ip address, hostname, # of strikes, referer, script, and the date & time of the attempt.
It will look something like this:
--------------------------------------------------
WARNING: Failed admin logon in vBulletin 3.0.1
--------------------------------------------------
Someone is trying to login to your Admin CP!
Username tried: JimbobJoe
Password tried: aCcEsS
IP Address: 67.13.27.156
Host: asd691917124.whatever.com
Strikes: 1/5
Referer: http://www.yoursite.com/forums/admincp/
Script: http://www.yoursite.com/forums/login.php
Date: Wednesday 28th of April 2004 07:50:02 AM
--------------------------------------------------
vBulletin has identified this user as: (intruder's real username here)
Update (1-4-05): A couple of users have expressed concern about this mod sending a plaintext password over http for all logins. This update (v1.1) addresses that concern by only sending the password for cplogins. To update just re-do the first step in the instructions for your vbulletin version (the first edit to adminfunctions.php). Or if you'd prefer that the attempted password not be sent at all simply skip the edits to adminfunctions.php.
If you don't recieve an email when testing, make sure you have the webmaster email set in the admincp (vBulletin Options + Site Name / URL / Contact Details). Also, sometimes it takes a while for the email to arrive. So give it plenty of time before screaming "it doesn't work"..
Still not working? Read this!
Spoiler (click to open)
The official "Its not working" check-list.
If for some reason you don't get a warning email when testing this hack please carefully read through the checklist below..
1) Log into your Admin CP and click "vbulletin options". From the list click on "Site Name / URL / Contact Details".
Scroll down to where it says "Webmaster's Email" (not Contact Us Link). Make sure that you have entered a valid email address there.
2) In your Admin CP under "Import & Maintenance" click Diagnostics.
In the email testing area enter the same email address that you have as your webmaster's email. Run the email test to verify that your vbulletin email is working properly. If it is, you should recieve an email after running the test.
3) If you're using vB 3.0.1 or earlier make sure that you added the last bit of code from the instructions in two seperate places. Open your edited login.php file and search for this:
Code:
vbmail($vboptions['webmasteremail'], $subject, $message);
4) This hack has been tested on vBulletin 3.0.1 - 3.0.5. If you're using a different version, open your register.php file and search for "vbmail" (without the quotes).. This is to make sure that the vbmail() function has the same name in your version.
5) Re-apply the file edits to login.php making sure that you follow the instructions carefully.
6) If you're using any kind of spam guard for your emails that blocks junk mail, turn it off (temporarily).
7) Now lets test it again. Close your browser and re-open it again. Go to your forum and click "logout". While still logged out go to yoursite.com/forums/admincp/ and then hit the "refresh" button on your browser. Type in an incorrect password and hit submit.
Now lets test it again while you are logged into the forum but not the admincp. Close your browser & reopen it again. Go to your forums and login with the correct info. Then go back to /forums/admincp/ and your username should already be listed. Type in an incorrect password and hit submit.
Wait 15-25 minutes before checking your email this time (sometimes it takes a while for the mail to be delivered).
Keep in mind, you only get an email when someone tries to login to your admincp or modcp... This has no effect on any of the regular login forms.
If you've carefully checked everything in the list above and it still doesn't work for you then it could be conflicting with another hack that you've installed. Other than that, I have no idea.
Close
Credits: Thanks to the original creator of this hack (Chen) for the idea, and thanks to Boofo for helping me test it.
Download
This modification is archived and cannot be downloaded.