[REQ] IP Restriction

S

simbiosis

New Member
Heya,

im looking for some kind of mod. that adds IP Restriction to user's accounts. Which would mean, if User1 with IP 127.0.0.2 (which he got registered in the Database) goes to my Forum URL, he would see the forum, but if he goes to the forum with another IP, he would'nt see the forum (hope i explained that well, hehe)..

I know people are going to say "Won't work, dynamic Ip's etc.." but people have to report new ip's to me if they would've changed :)

Anyone knows some kind of script that works like i said?

Tnx in advance!
Mitchel
 
dunno if this still works lol :) you can try it :) just don't forget to make a backup of your php files lol

******************

ok , this is the first hack i post around here so i hope im doing it ok
if not mods please fix me :P
ok, this hack is ment for closed comunity of vbulltien forums that want exstra security against unwelcome guests

this hack adds HTTP Authentication which change acording to username / password

to make the security bit higher i added ip ranges part - mean every users got ip range and if his ip is not wellcome then its not let him in
(can help abit against shared account).

ok so lets start

// run this db query
PHP: 
ALTER TABLE user ADD ipmasks varchar(250) NOT NULL default '';

// open the file admincp/user.php

find :
PHP: 
print_input_row($vbphrase['email'], 'user[email]', $user['email'], 0);

below it add :
PHP: 
print_input_row('ip masks', 'user[ipmasks]', $user['ipmasks'], 0);

save the file and upload it back to your server

ok, now u got 2 options :
option1 - put it only in root dir
option2 - put itin root and on admincp/modcp dir

ok
if option 1 then
// open root/global.php

find :
PHP: 
require_once('./includes/init.php');

Below it add :
PHP: 
//HTACCESS Hack + IP restriction
if (!isset($_SERVER['PHP_AUTH_USER'])) {
	header('WWW-Authenticate: Basic realm="Restricted area"');
	header("HTTP/1.0 401 Unauthorized");
	echo "Unauthorized login attempts are logged.\n";
	echo "bla";
	exit;
} else {
	//checking database
	$userinf=$DB_site->query_first("SELECT user.password,user.userid,user.salt FROM user WHERE username='$_SERVER[PHP_AUTH_USER]'");
	$isvalidip=0;
	if($userinf['userid']){
		// if user exists check if ip is valid $REMOTE_ADDR
		$validip=$DB_site->query_first("SELECT ipmasks FROM user WHERE userid='$userinf[userid]'");
		$validip=explode(" ",$validip['ipmasks']);
		foreach($validip as $testip){
			if ($testip=='') { continue; }
			if (strstr($REMOTE_ADDR,$testip)==$REMOTE_ADDR || stristr(gethostbyaddr($REMOTE_ADDR),$testip)==$testip){
				$isvalidip=1;
				break;
			}
		}
	}
	//checking if the user login is ok & that he connects from a valid ip
	
		$salt = $userinf['salt'];
		$pass = $userinf['password'];
		$userp = md5(md5($_SERVER['PHP_AUTH_PW']) . $salt);
		
	

		
	if ($pass != $userp) {
		//we have a looser:)
		header('WWW-Authenticate: Basic realm="Restricted area"'); 
		header('HTTP/1.0 401 Unauthorized'); 
		echo "Unauthorized login attempts are logged.\n";
		exit;
	}elseif(!$isvalidip){
		header('HTTP/1.0 401 Unauthorized'); 
		echo "Your Ip is not allowed here...Unauthorized login attempts are logged.\n";
		exit;
	}
}
//HTACCESS Hack + IP restriction (end)

save the file and upload it back to your server

now if u want option 2 then :

open includes/init.php

find :
PHP: 
	$DB_site->connect($servername, $dbusername, $dbpassword, $usepconnect);

Below it add :

PHP: 
//HTACCESS Hack + IP restriction
if (!isset($_SERVER['PHP_AUTH_USER'])) {
	header('WWW-Authenticate: Basic realm="Restricted area"');
	header("HTTP/1.0 401 Unauthorized");
	echo "Unauthorized login attempts are logged.\n";
	echo "bla";
	exit;
} else {
	//checking database
	$userinf=$DB_site->query_first("SELECT user.password,user.userid,user.salt FROM user WHERE username='$_SERVER[PHP_AUTH_USER]'");
	$isvalidip=0;
	if($userinf['userid']){
		// if user exists check if ip is valid $REMOTE_ADDR
		$validip=$DB_site->query_first("SELECT ipmasks FROM user WHERE userid='$userinf[userid]'");
		$validip=explode(" ",$validip['ipmasks']);
		foreach($validip as $testip){
			if ($testip=='') { continue; }
			if (strstr($REMOTE_ADDR,$testip)==$REMOTE_ADDR || stristr(gethostbyaddr($REMOTE_ADDR),$testip)==$testip){
				$isvalidip=1;
				break;
			}
		}
	}
	//checking if the user login is ok & that he connects from a valid ip
	
		$salt = $userinf['salt'];
		$pass = $userinf['password'];
		$userp = md5(md5($_SERVER['PHP_AUTH_PW']) . $salt);
		
	

		
	if ($pass != $userp) {
		//we have a looser:)
		header('WWW-Authenticate: Basic realm="Restricted area"'); 
		header('HTTP/1.0 401 Unauthorized'); 
		echo "Unauthorized login attempts are logged.\n";
		exit;
	}elseif(!$isvalidip){
		header('HTTP/1.0 401 Unauthorized'); 
		echo "Your Ip is not allowed here...Unauthorized login attempts are logged.\n";
		exit;
	}
}
//HTACCESS Hack + IP restriction (end)

thats all

*WARNING - IN ANY WAY DONT USE BOTH OPTIONS
its will cuse to the page ask for several time the user/pass
and its will be very buggy.

note :
if user got dynamic ips for exsample :

143.229.64.58
143.229.78.99
145.88.45.68

just add it like that
143.229 145.88
with 1 space between each ip range
dont user * as wildcard.

thats all :P
if u got some qustions or anything , then im here to suport u guys.

Sorry for my very bad english.
 
You must log in or register to reply here.
Back
Top