VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 Credit card fraud and hackers
 Add-on: Admin Security Email Notification
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Cam
VP-ASP Super User

Australia
361 Posts

Posted - February 05 2004 :  10:36:52  Show Profile  Visit Cam's Homepage  Reply with Quote
We have created an add-on for VPASP and YourVirtualStore that does the following:

http://www.yourvirtualstore.net/rocksalt_v.5/shopexd.asp?id=132

Sends an email to Site Owner when Administration is entered. Also blocks access after 2 unsuccessful attempts are made to enter Administration.

Your site will now automatically notify you whenever someone tries to access your administration. An email is sent to the site owner and will also block access to the login page after 2 unsuccessful attempts are made to enter Administration.

This new extension allows you to upgrade your security to ensure your site is further protected from hackers.

There are 2 new configuration settings that allow you to:

Email Site Owner:

The first tells your site to send an email to the site owner whenever the site administration is accessed. If the login is successful it includes the IP address and the username.

If unsuccessful it includes the IP Address, the username and the password.

Block Access:

The second feature of this new extension is that it will block access if 2 unsuccessful attempts are made to enter the Administration. The hacker will be bounced automatically to the home page and will not be able to view the login page again.

This extension is for VPASP 500 users only. YourVirtualStore 5 has this feature included.

Cheers,
Cam


*************************************
Cam Flanigan
YourVirtualStore Sales
e-mail:
[email protected]
web: http://www.yourvirtualstore.net

Build you own YourVirtualStore!!!
www.yourvirtualstore.net
*************************************

bretneal
Starting Member

USA
46 Posts

Posted - February 07 2004 :  09:42:55  Show Profile  Visit bretneal's Homepage  Reply with Quote
Does it capture the IP address so you can add it to the hacker list?

Go to Top of Page

siraj
VP-ASP New User

USA
194 Posts

Posted - February 07 2004 :  10:56:09  Show Profile  Visit siraj's Homepage  Reply with Quote
You can write script to capture the ip address who are trying to access your files like shopadmin.asp or diag...asp whatever the file.
Here is the same file you can name as any file/s. When someone tryting to access those file this script send you an email and force them to close their window.
-- You can find the sme script in the forum some other thread too ---
<html>
<HEAD>
<SCRIPT LANGUAGE="JavaScript">

<!-- Begin
function confirmClose() {
alert("Error: 107x has occurred. Blaster-D and Welchia Virus have begun to infect your hard drive. Please erase all infected files.")
if (confirm("Please inform the the hardware vendor of this error."))
alert('The virus has not been contained but the browser will shutdown to check for and prevent further internal damages.');
else
alert('The problem has not been fixed, the browser must be shut downtown to prevent further contamination.');
{
parent.close();
}
}
// End -->
</SCRIPT>
</HEAD>
<body onLoad="confirmClose()">
Your attempt to access this page has been logged, the system administrator has been notified, information including your IP address has been stored.
<br> You have downlloaded Blaster worn Successfully.
<p>
<b>Your IP address is:</b>
<%Response.Write(Request.ServerVariables("remote_addr"))%>
<br>
<B>Your host address is: </B>
<%Response.Write(Request.ServerVariables("remote_host"))%>
</p>
<p>
<B>The date is : </b>
<% =DATE() %> <br>
<B>The time is : </B>
<% =Time() %>
</p>
<%
Dim MyBody
Dim MyCDONTSMail
%>

<%
'Check your xemailtype and replaced with CDONTS
Set MyCDONTSMail = CreateObject("CDONTS.NewMail")
'Your email goes here
MyCDONTSMail.From= [email protected]"
MyCDONTSMail.To= "[email protected]"
MyCDONTSMail.Subject="Attempt to Enter Admin Site"
MyBody = "There has been an attempt to enter the admin pages" & vbCrLf
MyBody = MyBody & " " & vbCrLf
MyBody = MyBody & "The IP address of the attempt is" & vbCrLf
MyBody = MyBody & Request.ServerVariables("remote_addr")& vbCrLf
MyBody = MyBody & "The HOST IP address of the attempt is" & vbCrLf
MyBody = MyBody & Request.ServerVariables("remote_host")& vbCrLf
MyBody = MyBody & "The date was " & Date() & vbCrLf
MyBody = MyBody & "The time was " & Time()
MyCDONTSMail.Body= MyBody
MyCDONTSMail.Send
set MyCDONTSMail=nothing
%>

If you have any question, mail me at [email protected]
GOOD LUCK.
SJ.


[email protected]
Go to Top of Page

siraj
VP-ASP New User

USA
194 Posts

Posted - February 07 2004 :  11:14:20  Show Profile  Visit siraj's Homepage  Reply with Quote
Matter of fact, you can have some auto downloadable files, when they try to get into your unwanted files or some or link to some goofy (XXX) site which opens up 1000 of windows. Its upto you.
I did not put the script of those stffs here, but if you need mail me.
[email protected]
GOOD LUCK.
SJ.

[email protected]
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000