Resource icon

xF1 Add-on XenLoginSecurity: IP Address Account Login Security 1.0.2

No permission to download
Prevents an attacker from accessing a protected account by brute force, or even if they have gained the password by other methods
  • Protect your account from access / brute force attempts by only allowing specified IP ranges to Login for that account
  • XenLoginSecuity is permissions based, so any account can be granted this option (Admins / Moderators / Usergroups / Individuals)
  • Once granted the permissions, users can turn this on / off from their account >> Personal Details >> Login Security
  • User can define a list of allowed IP addresses and also define a network range
  • If a user tries to access an account from an unauthorised IP address, they are prevented from logging in, this attempted is logged
  • On attempting to login from an unauthorised IP address, an automatic email is sent to the users account
  • The automatic email contains a link with an access key, this link will allow access to login from any IP for a limited time (but only for the individual user account)
  • The maximum number of auto emails a user receives a day is definable in the ACP
  • The maximum number of auto emails any given IP address can send a day is definable in the ACP
  • The time limit for the access key to expire is definable in the ACP
  • The access key is not just created from time dependant random function, but also hashed details the attacker could no know about the account
  • The ACP area is also protected by XenLoginSecurity if the Admin has permissions and has switched it on
  • No auto email is sent from the ACP area (if needed, the admin can send an auto email from the forum area, then add the new IP address to their Login Security account)

(note, if the forum tells you that it is closed from registering, it is likely I have prevented your country from registering with StopCountrySpam, let me know if this is the case via PM/Conversation)
You should now have the following folder structure:
http:// www.
  • Go to ACP -> Add-ons -> Install Add-on -> Install from file on server
  • Install from file on server: " library/XenLoginSecurity/addon-XenLoginSecurity.xml"
  • Set options in the administration control panel ACP>>Home>>Options>>XenLoginSecurity
  • Give XenLoginSecurity to the user group you wish to alow use this addon: Users >> User Group Permissions >> XenLoginSecurity - User Permissions
The individual user can now turn this on from their account details and add the appropriate individual IP addresses and IP range

1. Unzip the following zip file, and copy over the original files with the new versions (just copy over the entire StopCountrySpam Folder)

2. From within the Admin Control Panel: yourforum/admin.php?add-ons/
find the XenLoginSecurity, and select the options
Control >> Upgrade

3. Upgrade from file on server: library/XenLoginSecurity/addon-XenLoginSecurity.xml
  • xlsec_account.jpg
    76.4 KB · Views: 88
  • xlsec_account2.jpg
    80 KB · Views: 80
  • xlsec_acp.jpg
    48.8 KB · Views: 82
  • xlsec_acp_login.jpg
    26.2 KB · Views: 89
  • xlsec_email.jpg
    75.3 KB · Views: 81
  • xlsec_login.jpg
    90.4 KB · Views: 84
14.1 KB
First release
Last update

More resources from Admin

Similar resources

Brivium - Account Security Essential AnimeHaxor
This add-on is the safety solution of security in your forum/site with effective methods.
0.00 star(s) 0 ratings
[WMTech] Sticky Multiple Account Info Admin
Cross Browser (with Flash Cookies) Multiple Account Detection, Reporting and Information
0.00 star(s) 0 ratings