Advertisement:

Navigation

SMF Mod Site

Mod Name:
vAdminSecurity DNS
Created By:
Valodim
Type:
Security and Moderation
First Created:
September 27, 2005, 04:21:16 PM
Last Modified:
December 16, 2006, 12:48:42 PM
Latest Version:
0.92
Compatible With:
1.1
Total Downloads:
4048

Download this mod

vAdminSecurity DNS_0.92.zip (11kB) [3036]
Manual Install Instructions for SMF

Description:

This mod implements a DNS/IP security check for admin actions (those you need to give a password for), providing additional security.

To use this, you will need either a static IP or a dynamic DNS (you can get a dynamic dns at no-ip.org or DynDNS.org). After you installed the mod, you'll have to set up your profile with your IP/DNS and enable the security in the features and options dialogue (right next to "disable administration security"). If you enable this without a valid dns/ip in your profile, you will not be able to access the admin interface anymore!!

If you use this mod and all admins use dns/ips, your forum becomes virtually unbreakable, unless a user gets your forum password, your dynamic dns-password, and your dynamic dns name, which is a lot more unlikely than just the forum password because the dns account is in no way else related to your forum account. (keep in mind that other ways, like security holes in your server software, still work! you are never entirely safe)

Once set, you can only change your dns using that set dns, or from another account.

I use no-ip, and have its option "run as system service" enabled with my dns in my profile. I don't notice this one bit, but it's nearly impossible for others to abuse admin permissions, and it also spares me the password check when entering the admin section. :D

This mod is a BETA, it's not guaranteed to be stable. Be careful with this, especially if you don't have direct SQL access!! You can set "vdns_enable" in the _settings table in your database to 0 to disable this, if you accidently prevented yourself from accessing the admin section.

As of version 0.92, there is an option "Allow dns bypass by password", which allows the user to access the admin section using his password, if the dns check fails. This is useful if you are just too lazy to type in your password and have it dns checked instead, but still want access from other computers by password.


\\ 0.92

1.1 Final compatibility. Dropped support for all other versions, no time for that, sorry. Also added option to allow dns bypass by password.