Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
Mail Admin When fail to login to admincp V2 Details »
Mail Admin When fail to login to admincp V2
Mod Version: 2.00, by AliMadkour (Coder/Designer) AliMadkour is offline
Developer Last Online: Dec 2019 I like it Show Printable Version Email this Page

vB Version: 4.0.2 Rating: (23 votes - 4.83 average) Installs: 232
Released: 01 Dec 2009 Last Update: 03 Mar 2010 Downloads: 727
Supported Uses Plugins Translations  

hello

Please remember to Click Mark as Installed if you use this modification.


this simple plugin :
it will send you mail when someone try to login at your AdminCP.

How to Install
  • Import XML file from your AdminCP
  • Click Mark as Installed if you install it !
Control :
  • AdminCP -> vBulletin Options -> Send message to Admin when fail to login to admincp options
Note : Arabic translation also attached

What 's new with version 2 :
  • work any where not only AdminCP
  • custom error message when try to login
  • add HTTP_USER_AGENT !
  • you can input any username when someone try to login you will mailed!
please remember to Mark it as installed if you like and Nominate for MOTM

Download Now

Only licensed members can download files, Click Here for more information.

Screenshots

Click image for larger version

Name:	sc.jpg
Views:	822
Size:	64.6 KB
ID:	113442  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Admin. 2 Admin. Notes VIA AdminCP Index shovel vBulletin 2.x Full Releases 38 17 Nov 2005 07:29

  #76  
Old 25 Oct 2010, 11:17
0verl0rd 0verl0rd is offline
 
Join Date: Oct 2010
Awesome! thanks!
Reply With Quote
  #77  
Old 02 Nov 2010, 20:48
Ary Braga Ary Braga is offline
 
Join Date: Jun 2009
Re:Mail Admin When fail to login to admincp V2

Originally Posted by Delphiprogrammi View Post
hi,

problem solved for those people that get emailed when there normal login fails open the plugin and the first line


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

above that add


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

underneath the first code snippet code add


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

that's it now you only get emailed when the actual admincp login fails for some reason look at /includes/adminfunctions.php if you want more information about the VB_AREA constant
underneath????/


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Could put the code here ready?

I tried and failed. excuse my ignorance.
Parse error: syntax error, unexpected '=' in /home/clangsm/public_html/vb/login.php(114) : eval()'d code on line 5

Correct me if I'm wrong

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


Last edited by Ary Braga; 02 Nov 2010 at 21:07. Reason: Parse error
Reply With Quote
  #78  
Old 02 Nov 2010, 21:45
Delphiprogrammi Delphiprogrammi is offline
 
Join Date: Feb 2004
Real name: Erik
hi,

no you did it wrong it must be


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

the first block is needed because if the VB_AREA constant is not defined PHP will throw error messages
Reply With Quote
  #79  
Old 05 Nov 2010, 14:51
Ary Braga Ary Braga is offline
 
Join Date: Jun 2009
Thumbs up Re:Mail Admin When fail to login to admincp V2

wow.

Thank you very much.
U save my day.

Regards.
Reply With Quote
  #80  
Old 18 Feb 2011, 14:22
Delphiprogrammi Delphiprogrammi is offline
 
Join Date: Feb 2004
Real name: Erik
hi,

I just noticed the plugin author is using values directly from $_POST[] superglobal array.This is a bad programming attitude certainly without any form of sanitization this could lead to XSS security holes he should use


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

at least this way you're sure the values being submitted are clean
Reply With Quote
  #81  
Old 02 May 2011, 20:57
Domenico Domenico is offline
 
Join Date: Oct 2001
Originally Posted by Delphiprogrammi View Post
hi,

I just noticed the plugin author is using values directly from $_POST[] superglobal array.This is a bad programming attitude certainly without any form of sanitization this could lead to XSS security holes he should use


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

at least this way you're sure the values being submitted are clean
Has this been fixed?
__________________

█ The biggest and best hosting forum in Europe!
Reply With Quote
  #82  
Old 20 Jul 2011, 17:21
lapiervb lapiervb is offline
 
Join Date: Mar 2010
Can you add your mods names to the "Administrator usernames" and have it send you an email if somebody tries to login to their account as well?
Reply With Quote
  #83  
Old 14 Aug 2011, 09:32
Christian_ Christian_ is offline
 
Join Date: Aug 2011
Thank you very much for the plugin, however I do have a question. Is it only my impression or does this plugin bypass the 5 strikes protection feature? If I try to login with wrong admin credentials at the top bar of the forum, I was able to enter passwords more than 5 times. I was always shown the predefined website that says my IP address was logged and sent to the admins, which is perfectly OK. I also received a mail every time the login attempt failed. But I'm not sure whether the 5 strikes protection mechanism is still in effect, since I wasn't shown this page.
Reply With Quote
  #84  
Old 23 Aug 2011, 12:16
Marios858 Marios858 is offline
 
Join Date: Apr 2011
Excellent Modification , thanks , works fine on 4.1.5pli
Reply With Quote
  #85  
Old 25 Aug 2011, 09:38
garethsp garethsp is offline
 
Join Date: Aug 2011
I like this mod worked well on latest version Thank you
Reply With Quote
  #86  
Old 28 Mar 2012, 17:29
lapiervb lapiervb is offline
 
Join Date: Mar 2010
Plugin doesnt seem to work with vb 4.1.10
Reply With Quote
  #87  
Old 24 May 2012, 00:35
mgurain's Avatar
mgurain mgurain is offline
 
Join Date: Apr 2005
Real name: Mohammed Al-Gurain
It's working on 4.2, but shouldn't this be upgraded ?

Regards,,
Reply With Quote
  #88  
Old 13 Jul 2012, 15:53
Orfalopi Orfalopi is offline
 
Join Date: May 2012
Hi,

Nope, doesn't work,
I tried every suggestion as
Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

but it doesn't work !
Regrettable, because of security this could be a useful plugin.

Orfalopi
Reply With Quote
  #89  
Old 25 Jul 2012, 01:25
AliMadkour's Avatar
AliMadkour AliMadkour is offline
 
Join Date: Dec 2004
Real name: Ali
sorry for my bad follow,
soon in days Version 2.5 with lot of customization
__________________
Ali Madkour
Reply With Quote
  #90  
Old 25 Jul 2012, 15:32
Orfalopi Orfalopi is offline
 
Join Date: May 2012
Hi Ali

No problem and thanks for the response.
Meanwhile, I've managed to install the plugin.
(Just a small oversight on my part, which made that it didn't worked at first.)
Now it works perfectly on 4.1.12

Originally Posted by Christian_ View Post
Thank you very much for the plugin, however I do have a question. Is it only my impression or does this plugin bypass the 5 strikes protection feature? If I try to login with wrong admin credentials at the top bar of the forum, I was able to enter passwords more than 5 times. I was always shown the predefined website that says my IP address was logged and sent to the admins, which is perfectly OK. I also received a mail every time the login attempt failed. But I'm not sure whether the 5 strikes protection mechanism is still in effect, since I wasn't shown this page.
I've noticed this too.
If I, lets say, enter 7 times in succession a wrong password for the Admin,
then I receive 7 messages in my mailbox.
So far so good.
But, when I look at the _strikes table in my database, I see no record of this event,
which means that the waiting time of 15 minutes after 5 incorrect login attempts is circumvented.
When a cracker tries to break in with password-cracking software,
the mailbox will be flooded with messages.
Because there is no restriction on the number of login attempts, the cracker can continue to enter passwords without delay.
Maybe you can implement something, with which the 5 times (failed) login limit is preserved.

Otherwise, a great plugin
Good work

Orfalopi
__________________
vBulletin 4.1.12
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 18:18.

Layout Options | Width: Wide Color: