Topic: admin
Hi everybody,
I wanted to know if there is a mod for protecting the panel admin ?
Moreover, for more security, wouldn't one have to put the admin files in a repertory /admin/ ?
thanks.
2 2006-02-14 13:47 (edited by CodeXP 2006-02-14 13:47)
Re: admin
There's no need for a mod, or moving the files to a specific directory. Just add the following to a .htaccess file in the PunBB root directory:
<Filesmatch "^admin_.*\.php$">
AuthType Basic
AuthName "PunBB's admin section requires a valid username and password"
AuthUserFile /enter/path/to/your/.htpasswd
require valid-user
</Filesmatch>Remember to change the path for AuthUserFile 
3 2006-02-14 15:03 (edited by bodhisattva 2006-02-14 16:00)
Re: admin
Or, you can add this to your admin_*.php pages
if ($_SERVER['REMOTE_ADDR'] != 'xxx.xxx.xxx.xxx') exit('Hacking Attempt');Replace xxx.xxx.xxx.xxx with your fixed IP.
Or you can implement an whitelist/blacklist network authentication module via admin panel.
Re: admin
thank you
@CodecXP: what means "Currently blocked IPs: 18" in the footer in your forum ? it's a mod ?
Re: admin
Not a plugin, moved to PunBB discussions.
Looking for a certain modification for your forum? Please take a look here before posting.
Re: admin
p314 wrote:
@CodecXP: what means "Currently blocked IPs: 18" in the footer in your forum ? it's a mod ?
I believe it has to do with CodeXP's spam protection mod.
Looking for a certain modification for your forum? Please take a look here before posting.
Re: admin
p314 wrote:
thank you
@CodecXP: what means "Currently blocked IPs: 18" in the footer in your forum ? it's a mod ?
Yeah, it's related to the spam protection mod that pogenwurst linked to
Re: admin
Hi CodexXP !
I don't understand why there is a code block MD5 hash in common.php and functions.php ???
How do I know if this mod works on my forum, there is nothing in my footer ?
Do this mod blocks the ip's proxy ?
thanks
Re: admin
p314 wrote:
Hi CodexXP !
I don't understand why there is a code block MD5 hash in common.php and functions.php ???
How do I know if this mod works on my forum, there is nothing in my footer ?Do this mod blocks the ip's proxy ?
thanks
That's because I never posted the footer part, as I didn't see the need at the time 
If you want it, here's how to add it.
1. Open functions.php, and add at the bottom:
function spam_stat()
{
global $db;
$result = $db->query('SELECT COUNT(ip) AS numrows FROM '.$db->prefix.'spam_protect WHERE blocked=\'1\'') or error('Unable to get spam protection', __FILE__, __LINE__, $db->error());
list($count) = $db->fetch_row($result);
if(!$count)
$count = 0;
echo '<br />SPAM Protection » Currently blocked IPs: <strong>'.$count.'</strong>';
}2. Open footer.php, and replace (line 109):
<p class="conr">Powered by <a href="http://punbb.org/">PunBB</a><?php if ($pun_config['o_show_version'] == '1') echo ' '.$pun_config['o_cur_version']; ?><br />© Copyright 2002–2005 Rickard Andersson</p>with:
<p class="conr">Powered by <a href="http://punbb.org/">PunBB</a><?php if ($pun_config['o_show_version'] == '1') echo ' '.$pun_config['o_cur_version']; ?><br />© Copyright 2002–2005 Rickard Andersson<?php spam_stat(); ?></p>That's it
Also, yes, it should and will block the proxy server, if it's listed in the spamhaus database.
Oh, about the MD5 blocks... Well, they're not really needed, I just added them as a quick way to verify if people had modified the files correctly. Let's say someone had problems after installing it, I could just ask them to check the MD5 of the code block, using the plugin in the admin CP. If that check failed, I'd know they did something wrong
Re: admin
CodeXP wrote:
I just added them as a quick way to verify if people had modified the files correctly. Let's say someone had problems after installing it, I could just ask them to check the MD5 of the code block, using the plugin in the admin CP. If that check failed, I'd know they did something wrong
Thanks, good job