Submitted: 15th May 2011
Last Updated: 11th June 2011
The MyBB Admin CP Honeypot is a fake /admin/ directory that looks and acts just like the real thing. The difference? It doesn't actually "work".
Attackers will be faced with an eternal "Wrong username/password" error and will hopefully get discouraged. In addition, the login details that they use in addition to their IP address will be emailed to you, so you can take appropriate action against them.
Admin CP Honeypot Security Features:
- Looks and acts just like the real Admin CP (down to the Source whitespace)
- Mimics the exact file structure of the /admin/ directory, and outputs the same HTML source code.
- Emails the attacker's login information and IP address.
- Plugin file outputs a 404 header and HTML source.
1) Rename your real /admin/ directory and modify your /inc/config.php to reflect the change.
2) Upload the new fake /admin/ directory and the plugin file.
3) Activate the plugin and set email notification preferences.
IMPORTANT: The use of this plugin does not guarantee that your forum will not be hacked. This is only one of many safety measures that can be used to reduce (not eliminate) chances.
THE FOLLOWING IS THE LICENSE FOR THIS PLUGIN, NOT WHAT IS ON THE NEXT PAGE (THE MYBB MODS SITE IS NOT LETTING ME APPLY THE CORRECT LICENSE):
- Install this plugin on your own installation of MyBB.
- Edit this plugin for your own personal needs.
- Remove visible page copyright (setting in Admin CP).
You may not:
- Distribute this plugin.
- Edit/modify this plugin and then distribute it.
- Remove in-file copyrights.
- Claim this plugin as your own work.
Plugin is provided as-is. The plugin author and MyBBWebHost is not responsible for any damages
done to your board through use (indirect or direct) of this plugin. Use at your own risk.