Welcome, Guest. Please Login or Register.
June 12, 2021, 09:40:56 AM
Home Help Search Login Register
News: SMF is the next generation in forum software, almost completely re-written from the ground up, make sure you don't fall for cheap imitations that suffer from feature bloat!

YaBB SE Community  |  Development  |  Completed mods  |  Topic: [Beta 1.5.2] Enhanced Security 1.2 « previous next »
Pages: [1] Reply Ignore Print
Author Topic: [Beta 1.5.2] Enhanced Security 1.2  (Read 3054 times)
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
[Beta 1.5.2] Enhanced Security 1.2
« on: May 01, 2003, 12:55:12 PM »
Reply with quote

The main point of this mod is that it requires an administrator password for any administrative activity, and turns off the secret question and answer for specified membergroups.

You can also turn on the uber-Paranoia mode, which: (for the specified groups..)
 - diables the always login feature.
 - only allows logins to last a specified length, for one browser session.
 - checks session IDs and browser signatures.

This pretty much makes sure (imho) a script kiddie can't use an administrators cookie for anything marginally useful.  But, you should be able to use it in "non-Paranoia" mode just fine.

It's not perfect, though, so I'd appreciate any suggestions/comments.

Someone has been taking mods written by people and redistributing them in another forum package without any credit or permission.  To make myself absolutely clear:  YOU MAY NOT DO THAT WITH THIS MOD.  Further, you may not do ANYTHING but use this mod in a YaBB SE or PfaBB installation.  You may not even download or use this if your intent is to reverse engineer or otherwise facilitate the reproduction of this intellectual property in or for another forum software.

This modification is distributed under a proprietary license.  THIS IS NOT OPEN SOURCE, but freeware.  You may only use this on YaBB SE 1.5.1 or above and PfaBB boards.  If you want to use it on another board/system (ie. phpBB, ttForum, ttCMS, YaBB SE versions older than 1.5.1, etc.) or make any modifications for ANY REASON, you MUST CONTACT ME before doing so AND receive my EXPRESS consent.  Violation of this license constitutes ILLEGAL activity.

By downloading and applying this modification, you are agreeing to this license.  If you currently live or reside in a country or state that does not allow any of the terms of the license, you may not download the modification or apply it.

DO NOT redistribute under ANY circumstances without my EXPRESS consent.

The terms of this license may change WITHOUT NOTICE.

Please understand that this means that this mod WILL NEVER be included in the standard distribution of ANY GPL licensed product OR YaBB SE.

If you do not agree or cannot agree to these terms, DO NOT click on this link OR download the package by ANY means.
http://gbaetc.homeip.net/yypack/enhancedsecurity.zip

Thank you,
-[Unknown]
« Last Edit: June 25, 2003, 08:29:05 AM by Jeff » Logged
Tilton53
Jr. Member
**
Posts: 73


I'm a llama!


Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #1 on: May 01, 2003, 03:56:54 PM »
Reply with quote

Geat Mod I love it just had one problem but fixed it was. The help file!

Change:
Code: [Select]
$helptxt['m_security'] = '
Allows you to incease authentication and login security for specific membergroups.  This means turning off the secret question/answer and requiring an administrator\'s password for any administration.  (every hour only.)<br />
Be warned, it disables the \'auto-login\' feature if you turn on the Paranoid-Level Security.  (with good reason.)<br />
<br />
NOTE:  If you are getting logged out a lot, try increasing your session length in php.ini.';

to

Code: [Select]
$helptxt['m_security'] = "
Allows you to incease authentication and login security for specific membergroups.  This means turning off the secret question/answer and requiring an administrator's password for any administration.  (every hour only.)<br />
Be warned, it disables the 'auto-login' feature if you turn on the Paranoid-Level Security.  (with good reason.)<br />
<br />
NOTE:  If you are getting logged out a lot, try increasing your session length in php.ini.";

It had to have double qoutes because of the periods!
« Last Edit: May 01, 2003, 04:23:08 PM by [Unknown] » Logged
Tilton53
Jr. Member
**
Posts: 73


I'm a llama!


Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #2 on: May 01, 2003, 03:58:38 PM »
Reply with quote

Willl someone fix the qoute tags in that post!


I can't!
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #3 on: May 01, 2003, 04:24:06 PM »
Reply with quote

I don't see any reason why you might need double quotes, but... I'm glad you got it working.

It works fine for me.....

-[Unknown]
Logged
Tilton53
Jr. Member
**
Posts: 73


I'm a llama!


Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #4 on: May 01, 2003, 05:59:18 PM »
Reply with quote

It was they way the the php worked.

I have no clue why I needed it ethier but I changed it and it it worked fine.

I gessus I code have just escaped the periods and it might have worked.
Logged
mysterious
Noobie
*
Posts: 3



Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #5 on: May 06, 2003, 04:04:49 PM »
Reply with quote

I tried installing this mod, but I seem to be getting an error that isn't addressed here: enhancedsecurity.php keeps telling me that undefined function template_header() is being called from line 54 in Errors.php. The template_header() function is in Subs.php, so I tried adding the line "include($sourcedir . '/Subs.php');" to enhancedsecurity.php before the include for Errors.php, but that didn't make a difference.

Any ideas as to what my problem might be would be greatlty appreciated. :)
« Last Edit: May 06, 2003, 05:33:47 PM by mysterious » Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #6 on: May 06, 2003, 04:14:44 PM »
Reply with quote

Try the YaBBpak.  Your problem is that you aren't logged in as an administrator....

-[Unknown]
Logged
mysterious
Noobie
*
Posts: 3



Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #7 on: May 06, 2003, 04:22:26 PM »
Reply with quote

Try the YaBBpak.  Your problem is that you aren't logged in as an administrator....

OK -  I'll try that...
Logged
mysterious
Noobie
*
Posts: 3



Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #8 on: May 06, 2003, 05:07:02 PM »
Reply with quote

Try the YaBBpak.  Your problem is that you aren't logged in as an administrator....

OK -  I'll try that...

Using YaBBpak worked beautifully.

Well, that is once I set the group and others write permissions of my yabbse directory and renamed LogInOut.php to LoginOut.php. (So, I'd say we're even on that one. ;))

Thanks!
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #9 on: May 06, 2003, 05:54:17 PM »
Reply with quote

*makes note to change the filename...*

-[Unknown]
Logged
FaSan
Jr. Member
**
Posts: 67



Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #10 on: October 04, 2003, 07:16:41 AM »
Reply with quote

On my Mod's Section, i change the status of enhsecurity but when i save this is not register this.

When i going to the mod's section i see the status on off.


Help Me !


Excuse my little..little english  8)
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #11 on: October 05, 2003, 02:35:59 AM »
Reply with quote

Make sure you installed the mod properly and completely.

-[Unknown]
Logged
FaSan
Jr. Member
**
Posts: 67



Re:[Beta 1.5.2] Enhanced Security 1.2
« Reply #12 on: October 10, 2003, 02:20:43 AM »
Reply with quote

Hi !

I'm sure... i've re-check all and it's ok...

Help Me !!  :'( :'( :'(
Logged
Pages: [1] Reply Ignore Print 
YaBB SE Community  |  Development  |  Completed mods  |  Topic: [Beta 1.5.2] Enhanced Security 1.2 « previous next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.0.15 | SMF © 2017, Simple Machines
Valid XHTML 1.0! Valid CSS!
Page created in 0.705 seconds with 34 queries.