Thread: Protecting Your IPB ACP [Can be used on other forums haven't tested]

Page 1 of 2 12 LastLast
Results 1 to 10 of 15
  1. #1 Protecting Your IPB ACP [Can be used on other forums haven't tested] 
    OoO Donor <3
    Rockstar Jax's Avatar
    Join Date
    Mar 2011
    Age
    27
    Posts
    608
    Thanks given
    77
    Thanks received
    78
    Rep Power
    21
    Okay, I have noticed some people attempting to log into my admin panel on my site as this fears me, Was my website SQL injected? Was it crossed script? Well I wrote up a simple solution to my problem by writing a easy PHP snippet that goes into the acp index file.

    This method is far effective Because no matter what they can't get to the acp login page, Don't hate because it is a small snippet, but hey it could save your forums from getting hacked.

    In the admin directory go to index.php

    add in this snippet above everything

    Code:
    <?php $allow = array("0.0.0.0" ,"127.0.0.1" );
    
    if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {
    
            header("Location: http://redirectwebsitelinkhere.com");
    
            exit();
    
    }
    Change the Ips to yours, if you want to add in more just follow the set up it isn't hard.

    The redirect site can be anything You want, I just have it set to a php script that catches their ip and has the typewritting effect displaying text be creative on this since it is your website.

    This could be implemented into VB, smf, mybb, etc. I just said IPB because I am not to sure how the admin panel is set up on those forum bases.

    <-- amateur sig skills dont hate
    Reply With Quote  
     

  2. Thankful users:


  3. #2  
    Banned
    Join Date
    May 2012
    Posts
    158
    Thanks given
    22
    Thanks received
    12
    Rep Power
    0
    I decided to use this, And it works flawlessley. Thank you so much for the release Jax. this is extremely useful
    Reply With Quote  
     

  4. #3  
    GANGNAM STYLE!

    Ohad's Avatar
    Join Date
    Aug 2011
    Posts
    3,179
    Thanks given
    152
    Thanks received
    352
    Rep Power
    1671
    Thanks, this is very useful.
    Reply With Quote  
     

  5. Thankful user:


  6. #4  
    Banned
    Join Date
    May 2012
    Posts
    158
    Thanks given
    22
    Thanks received
    12
    Rep Power
    0
    oh and thanks for the updates on my ipb, wasn't expecting it. Now my website looks less dull. 1 of the very few people left on this community that isn't all about money.
    Reply With Quote  
     

  7. #5  
    OoO Donor <3
    Rockstar Jax's Avatar
    Join Date
    Mar 2011
    Age
    27
    Posts
    608
    Thanks given
    77
    Thanks received
    78
    Rep Power
    21
    Quote Originally Posted by Xtinctionx View Post
    Thanks, this is very useful.
    Are you using this on a different board than IPB? Would love to know how it could be implemented into smf or w.e board you are using!

    <-- amateur sig skills dont hate
    Reply With Quote  
     

  8. #6  
    GANGNAM STYLE!

    Ohad's Avatar
    Join Date
    Aug 2011
    Posts
    3,179
    Thanks given
    152
    Thanks received
    352
    Rep Power
    1671
    Quote Originally Posted by Rockstar Jax View Post
    Are you using this on a different board than IPB? Would love to know how it could be implemented into smf or w.e board you are using!
    Nope i got a ipb
    Reply With Quote  
     

  9. #7  
    Registered Member Glock's Avatar
    Join Date
    Aug 2012
    Age
    27
    Posts
    141
    Thanks given
    71
    Thanks received
    6
    Rep Power
    17
    Easy and cool, thnx!
    Reply With Quote  
     

  10. #8  
    Registered Member
    Nuevo's Avatar
    Join Date
    Jul 2008
    Posts
    647
    Thanks given
    7
    Thanks received
    13
    Rep Power
    169
    or a secure password works... what if theres an emergency and you dont have access to the comp with your ip set up in there?..
    Reply With Quote  
     

  11. Thankful user:


  12. #9  
    BattleScape
    U Got 0wned's Avatar
    Join Date
    Oct 2011
    Posts
    621
    Thanks given
    184
    Thanks received
    173
    Rep Power
    239
    Quote Originally Posted by Nuevo View Post
    or a secure password works... what if theres an emergency and you dont have access to the comp with your ip set up in there?..
    Access the Index.php file and add the IP through your Webhost?


    Reply With Quote  
     

  13. #10  
    OoO Donor <3
    Rockstar Jax's Avatar
    Join Date
    Mar 2011
    Age
    27
    Posts
    608
    Thanks given
    77
    Thanks received
    78
    Rep Power
    21
    Quote Originally Posted by Nuevo View Post
    or a secure password works... what if theres an emergency and you dont have access to the comp with your ip set up in there?..
    Log into your cpanel edit the index file allowing the current Ip you are using? A strong password won't help against a SQL injection attack. If someone manages to SQL inject a website all the tables in the database are exposed, including admin names and passwords, This is just a extra step.

    <-- amateur sig skills dont hate
    Reply With Quote  
     

Page 1 of 2 12 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. Curses protecting help
    By own3d man in forum Help
    Replies: 3
    Last Post: 12-10-2011, 01:37 PM
  2. Replies: 2
    Last Post: 07-04-2011, 07:00 AM
  3. Replies: 9
    Last Post: 01-08-2011, 12:45 AM
  4. Replies: 1
    Last Post: 09-21-2010, 01:12 AM
  5. Added fact control to ACP
    By Kevy in forum Tweak(s)
    Replies: 30
    Last Post: 06-27-2010, 09:31 AM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •