Get notify on admin failed login

Regular Joined: Mar 11, 2005 Posts: 67

Does anyone know any modification that would notify you on e-mail when someone failed to login in admin section?

registered · Posted: Tue Feb 26, 2008 8:01 am

If you are using NukeSentinel's admin auth, a failed login will throw a 403 error to the web server, which you can trap in .htaccess and pass that to a PHP script to handle.

I leave the details to you... Wink

Posted: Mon Apr 14, 2008 11:54 pm

or you can write a simple function to send mail on failed logins to the admin if you are still after this mod i would make it up for you. And if you "beta test" and let me know how it works out i will give you credit for the testing and the basic idea of the mod Smile

sign up on my site and pm me more chance of getting a reply on there Wink

Posted: Tue Apr 15, 2008 12:05 am

gazj wrote:

or you can write a simple function to send mail on failed logins to the admin if you are still after this mod i would make it up for you. And if you "beta test" and let me know how it works out i will give you credit for the testing and the basic idea of the mod Smile

sign up on my site and pm me more chance of getting a reply on there Wink

Yes great, please be my guest Smile

Posted: Tue Apr 15, 2008 12:43 am

right i need to know afew things to get the script right for your setup what are you using RN or nuke and what version just saves me time when having to edit files ie the admin.php so i know what line and so on the code goes in for better install instructions

Posted: Tue Apr 15, 2008 1:09 am

right i have this done its nothing fancy and you can improve it if you know what you are doing.

Open /admin.php

around line 102 look for:

Code:

   if(!empty($aid) AND !empty($pwd)) {


      $pwd = md5($pwd);


      $result = $db->sql_query("SELECT pwd, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'");


      list($rpwd, $admlanguage) = $db->sql_fetchrow($result);


      $admlanguage = addslashes($admlanguage);


      if($rpwd == $pwd) {


         $admin = base64_encode("$aid:$pwd:$admlanguage");


         setcookie("admin",$admin,time()+2592000);


         unset($op);


      }

after add:

Code:

else{


      $sender_name = removecrlf('System Notice');


   $sender_email = validate_mail(removecrlf($adminmail));


   $msg = "$sitename\n\n";


   $msg .= "Admin Login Failed!\n";


   $msg .= "Admin: $aid\n";


   $msg .= "IP: ".$_SERVER['REMOTE_ADDR']."\n\n";


   $to = $adminmail;


   $mailheaders = "From: $sender_name <$sender_email>\n";


   $mailheaders .= "Reply-To: $sender_email\n\n";


   mail($to, 'Admin Login Failed', $msg, $mailheaders);


       }

this sends an email with the subject Admin Login Failed from System notice
saying:

Site name

Admin Login Failed!
Admin: Test
IP: xx.xxx.xx.xx

Posted: Tue Apr 15, 2008 1:11 am

oh btw i also have somewhere an ip lock for the admin that i wrote its somewhere local i might do a hack for release with the 2 in for added admin security and logging

Posted: Tue Apr 15, 2008 3:00 am

It's working!

I had to remove this line:

Code:

         //$sender_email = validate_mail(removecrlf($adminmail));

becouse of it code wasn't working.

Thx alot!

Posted: Tue Apr 15, 2008 4:46 am

it was working for me but it was tested on nuke 7.6 so might need to use this
$sender_email = validate_mail($adminmail);

Posted: Tue Apr 15, 2008 6:03 am

If you are using the NS Admin Auth surely they would never get that far and therefore it would be better to catch the 403 error as Montego suggested?

I'm sure Guardian had a script for this. Confused