DragonByte Tech | vBulletin Mods & Addons - Powered by vBulletin





User Tag List

Page 1 of 2 12 Last
Results 1 to 10 of 12

Thread: Forum closed after 1 false login into AdminCP


Forum: DragonByte Security Lite Support

Questions & Answers for DragonByte Security.
Click here to buy!

  1. #1
    Junior Member
    Level 0 (0 Loyalty Points)

    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    May 2012
    Posts
    5
    Rep Power
    0

    Default Forum closed after 1 false login into AdminCP

    My forum is closed after one attempt to login with a false password or username into the AdminCP has been made by the same IP address.

    The settings in "Security Watchers: General" are:
    5 AdminCP access attempts from the same IP address in the past 1 hours: Email Webmaster
    20 AdminCP access attempts from the same IP address in the past 1 hours: Email Webmaster, Close Forum, Ban IP Address

    So the settings should be ok.

    But unfortunately it does not work.


    Is this a known bug, or how can I solve this?

  2. #2
    Founder
    Level 0 (0 Loyalty Points)
    Belazor's Avatar
    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    Dec 2009
    Location
    Glasgow, United Kingdom
    Age
    30
    Posts
    27,743
    Blog Entries
    13
    Rep Power
    10

    Default

    That's not a bug, it will only display entries in the ACP that have actually triggered the event. In other words, the same person has tried to login that many times, and the event displayed is the one that caused the action to be taken
    Fillip Hannisdal
    Founder & Programming Director
    DragonByte Technologies http://www.DragonByte-Tech.com


    Please do not Private Message me with support requests or product questions. PMs are only for exchanging sensitive information (like FTP / AdminCP logins).
    Please do not Private Message me with business related queries (refunds, complaints, feedback, etc). Decado is the person to PM for those issues.
    Please do not Private Message Decado with support requests or forum errors.

    When I say "Hotfix Released" it means you should re-download the product and re-upload the files.
    Like our products? Want to be notified on social media networks when we release updates or new products? Click the buttons below to Like us on Facebook, Follow us on Twitter and Follow us on Google+!

  3. #3
    Junior Member
    Level 0 (0 Loyalty Points)

    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    May 2012
    Posts
    5
    Rep Power
    0

    Default

    Thanks for the reply.
    But why is my forum closed after only one attempt to login to the AdminCP?

    That makes no sense in my eyes.

  4. #4
    Founder
    Level 0 (0 Loyalty Points)
    Belazor's Avatar
    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    Dec 2009
    Location
    Glasgow, United Kingdom
    Age
    30
    Posts
    27,743
    Blog Entries
    13
    Rep Power
    10

    Default

    Sorry, I wasn't clear enough:

    Let's say someone tries to log in to your AdminCP 19 times in the past 1 hour. The security center shows no alerts.

    Then they try to log in 1 more time. The security center now shows 1 alert, and takes the actions described.


    Does it make more sense now? It is not just 1 login.

    I have changed this thread to a feature request and will add links to the full access attempt logs in a future version
    Fillip Hannisdal
    Founder & Programming Director
    DragonByte Technologies http://www.DragonByte-Tech.com


    Please do not Private Message me with support requests or product questions. PMs are only for exchanging sensitive information (like FTP / AdminCP logins).
    Please do not Private Message me with business related queries (refunds, complaints, feedback, etc). Decado is the person to PM for those issues.
    Please do not Private Message Decado with support requests or forum errors.

    When I say "Hotfix Released" it means you should re-download the product and re-upload the files.
    Like our products? Want to be notified on social media networks when we release updates or new products? Click the buttons below to Like us on Facebook, Follow us on Twitter and Follow us on Google+!

  5. #5
    Junior Member
    Level 0 (0 Loyalty Points)

    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    May 2012
    Posts
    5
    Rep Power
    0

    Default

    Ah ok. That makes sense.

    I just did a test for myself using my iPhones Safari browser while connected to my telephone providers 3G network.
    I tried to login only one time into the AdminCP using a false password and my IP was banned and the forum closed.

    As I use the setting "from the same IP address", and I definitely haven't used my iPhone browser for anything today, there is surely something wrong.
    Maybe you want to do a check for your own to see that it is as I described the issue?

  6. #6
    Founder
    Level 0 (0 Loyalty Points)
    Belazor's Avatar
    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    Dec 2009
    Location
    Glasgow, United Kingdom
    Age
    30
    Posts
    27,743
    Blog Entries
    13
    Rep Power
    10

    Default

    Hmm, did you access the AdminCP login form more than once before submitting your test failed login?

    I'm looking through the code right now, and the AdminCP Access Attempts fires both on the actual form AND when they are attempting to login.

    Can you look in the dbtech_vbsecurity_adminstrikes table and look for your mobile IP (you should find it in the Security Watchers page as the latest attempted intruder) and see how many entries are there?

    Meanwhile, I'll test it and see how many entries are actually generated by simply 1 visit and 1 login attempt
    Fillip Hannisdal
    Founder & Programming Director
    DragonByte Technologies http://www.DragonByte-Tech.com


    Please do not Private Message me with support requests or product questions. PMs are only for exchanging sensitive information (like FTP / AdminCP logins).
    Please do not Private Message me with business related queries (refunds, complaints, feedback, etc). Decado is the person to PM for those issues.
    Please do not Private Message Decado with support requests or forum errors.

    When I say "Hotfix Released" it means you should re-download the product and re-upload the files.
    Like our products? Want to be notified on social media networks when we release updates or new products? Click the buttons below to Like us on Facebook, Follow us on Twitter and Follow us on Google+!

  7. #7
    Founder
    Level 0 (0 Loyalty Points)
    Belazor's Avatar
    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    Dec 2009
    Location
    Glasgow, United Kingdom
    Age
    30
    Posts
    27,743
    Blog Entries
    13
    Rep Power
    10

    Default

    Hmm, did you access the AdminCP login form more than once before submitting your test failed login?

    I'm looking through the code right now, and the AdminCP Access Attempts fires both on the actual form AND when they are attempting to login.

    Can you look in the dbtech_vbsecurity_adminstrikes table and look for your mobile IP (you should find it in the Security Watchers page as the latest attempted intruder) and see how many entries are there?

    Meanwhile, I'll test it and see how many entries are actually generated by simply 1 visit and 1 login attempt
    Fillip Hannisdal
    Founder & Programming Director
    DragonByte Technologies http://www.DragonByte-Tech.com


    Please do not Private Message me with support requests or product questions. PMs are only for exchanging sensitive information (like FTP / AdminCP logins).
    Please do not Private Message me with business related queries (refunds, complaints, feedback, etc). Decado is the person to PM for those issues.
    Please do not Private Message Decado with support requests or forum errors.

    When I say "Hotfix Released" it means you should re-download the product and re-upload the files.
    Like our products? Want to be notified on social media networks when we release updates or new products? Click the buttons below to Like us on Facebook, Follow us on Twitter and Follow us on Google+!

  8. #8
    Junior Member
    Level 0 (0 Loyalty Points)

    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    May 2012
    Posts
    5
    Rep Power
    0

    Default

    I checked the logs under Admin Strikes, but unfortunately the latest entry there is from the 25.05. :/
    Seems a bit weird.

  9. #9
    Founder
    Level 0 (0 Loyalty Points)
    Belazor's Avatar
    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    Dec 2009
    Location
    Glasgow, United Kingdom
    Age
    30
    Posts
    27,743
    Blog Entries
    13
    Rep Power
    10

    Default

    Weird indeed, it's quite literally impossible for the code to act on entries 3 days old - if that was the case, this forum would be swamped

    Can you please PM me with FTP and an AdminCP account and if possible, phpMyAdmin? If so, I may be able to get to the bottom of this
    Fillip Hannisdal
    Founder & Programming Director
    DragonByte Technologies http://www.DragonByte-Tech.com


    Please do not Private Message me with support requests or product questions. PMs are only for exchanging sensitive information (like FTP / AdminCP logins).
    Please do not Private Message me with business related queries (refunds, complaints, feedback, etc). Decado is the person to PM for those issues.
    Please do not Private Message Decado with support requests or forum errors.

    When I say "Hotfix Released" it means you should re-download the product and re-upload the files.
    Like our products? Want to be notified on social media networks when we release updates or new products? Click the buttons below to Like us on Facebook, Follow us on Twitter and Follow us on Google+!

  10. #10
    Junior Member
    Level 0 (0 Loyalty Points)

    User InfoThanks / Tagging InfoGifts / Achievements / AwardsActivity Stats
    Join Date
    May 2012
    Posts
    5
    Rep Power
    0

    Default

    Ok, done.
    Admin access to my forums and FTP access is PM'ed. The phpmyadmin access I wouldn't like to share at the moment.

    I hope that the admin and FTP access can help to solve my problem.

Page 1 of 2 12 Last

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Not load after login
    By Charro in forum Site Support
    Replies: 2
    Last Post: 22nd December 2010, 08:17

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
This website uses cookies
We use cookies to store session information to facilitate remembering your login information, to allow you to save website preferences, to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners.