UnBlockIP - Free CSF Unblock Module for WHMCS

[jclarke]

We have forked the UnblockMe CSF WHMCS Module 2.0 by Franksworld Solutions, LLC and have made several enhancements for our own use. We are releasing our version under the same BSD Modified license as the original.

 

We have made the following changes from the original.

 

• This is now an addon module for easy installation and upgrades.
  
• The unblock ip page is now accessed directly instead having to go to a service.
  
• The unblock page/template is themed to match the new default WHMCS template.
  
• The menu item is only displayed if the client has an active cPanel service.
  
• If the user has multiple active accounts, it will check every cPanel server associated with the client for an ip block.
  

 

 

For installation instructions and to download the module, please visit our

UnBlockIP Project Page

[jclarke]

We have added a few more features and have now made version 1.1 available for download.

 

New features for V1.1

 

• Displays the csf log entry so the client can see the reason why the ip was blocked.
  
• Logs successful unblocks in the WHMCS client log.
  
• For added security you can set maximum number of unblocks a client can issue in a 5 minute time period. The default is set to 5.
  

[SteveV]

Thank you very much - these are awesome improvements, and thank you for sharing!

[AlessandroB]

Good Jobs, DirectAdmin is supported ?

 

Thanks

[zelatech]

very usefull, thanks for sharing!

 

Is there a way i can set 5 unlock in 24hours? 5 unlock every 5 minuts seems to short to me.

[jclarke]

Good Jobs, DirectAdmin is supported

DirectAdmin is not support since we don't use DirectAdmin. If anyone is interested in having DirectAdmin support added, you can PM me if you wish to sponsor the development and can provide a test server.

[jclarke]

very usefull, thanks for sharing!

 

Is there a way i can set 5 unlock in 24hours? 5 unlock every 5 minuts seems to short to me.

 

I'll look at making this a configureable option in the future, until then you can change this by making the following change to the unblockip.php file.

 

Find this function

function number_of_recent_unblocks($whmcs_client_id) {
 $query = "select id from tblactivitylog WHERE userid = " . $whmcs_client_id ." AND (date between DATE_SUB(now(), interval 5 minute) and now()) and description LIKE '%Unblocked the IP Address%'";
 $result = mysql_query($query);
 return mysql_num_rows($result);
}

 

And change the interval in the DATE_SUB call to whatever you would like for example to use 24 hours.

function number_of_recent_unblocks($whmcs_client_id) {
 $query = "select id from tblactivitylog WHERE userid = " . $whmcs_client_id ." AND (date between DATE_SUB(now(), interval 24 hour) and now()) and description LIKE '%Unblocked the IP Address%'";
 $result = mysql_query($query);
 return mysql_num_rows($result);
}

[zelatech]

thanks for quick replying!

[jclarke]

Version 1.2 is now available. The main new feature is the ability to search and unblock from the admin area.

 

*You can now search for and unblock an ip across all active cPanel servers from the WHMCS admin area.

*The minute interval for max checks is now a configurable option.

*Made the WHMCS 5.1 template default.

 

For installation instructions and to download the module, please visit our

UnBlockIP Project Page

 

If you anyone has any features you would like added, please let me know, if it is a good idea I'll make sure it gets added to the next release.

[HostinPK]

Wonderfull script. I have installed it and configured properly. However, can you put all the options in the same line like this.

IP Address To Check<----------->Text Box for IP<----------->Unlblock Button

[jclarke]

jamshed_11946, the output is customizable. Just edit the unblockip.tpl file and you can change the layout to anything you would like.

[HostinPK]

jamshed_11946, the output is customizable. Just edit the unblockip.tpl file and you can change the layout to anything you would like.

 

Thanks but I have the latest version of whmcs installed and there two .tpl files. So, which should I modify to reflect the changes?

[jclarke]

Thanks but I have the latest version of whmcs installed and there two .tpl files. So, which should I modify to reflect the changes?

 

You should modify the unblockip.tpl file.

 

The other template file isn't used directly, unblockip503.tpl is available for anyone using WHMCS 5.0.3 and should be renamed unblockip.tpl if you are using that version of WHMCS.

[jclarke]

A quick update, in case anyone uses cPanel reseller accounts in WHMCS instead of root accounts, this is now supported as long as you allow access in the /etc/csf/csf.resellers on each server for each reseller user you use.

 

Version 1.3 has this feature added to it, if you don't need this feature then you can skip this update.

[SteveV]

Again, thank you - you are very kind to share this with us.

[mrl14]

Thanks for the script. Please add 3 features.

 

1) Unblock all IPs from ALL servers

2) Unblock all IPs from a specific server

3) Unblock single IP from a specific server

 

Right now I feel like having it unblock the IP from all servers could cause a resource and time drain for a company with many servers.

 

Just some ideas, but great work and thank you!

[camcole1]

Can you add a security issue to where users can only unblock their IP if they have a web service?

Like in their services, they go to view details and below it will say CSF, unblock your IP so not just anyone can sign up and keep unblocking themselves

[ethix]

Can you add a security issue to where users can only unblock their IP if they have a web service?

 

Isn't that how it is now?

AFAIK it only checks IP's on the servers where a client has an active service.

[jclarke]

Can you add a security issue to where users can only unblock their IP if they have a web service?

Like in their services, they go to view details and below it will say CSF, unblock your IP so not just anyone can sign up and keep unblocking themselves

 

The module already does this, it will only search for and unblock ip addresses on servers that the user has an active service on.

[Vinsar]

Great tool, thanks for sharing.

 

Bug or is it by design?

 

If there are multiple entries for the IP it will be shown as "The IP xyz.xyz.xyz.xyz is not blocked on any active cPanel server."

 

Like I have an entry as:

tcp|in|d=2244|s=183.62.231.233 # 'lfd: (sshd) Failed SSH login from 183.62.231.233 (CN/China/-): 3 in the last 300 secs' - Thu Jul 19 13:25:52 2012

tcp|in|d=2244|s=183.62.231.233 # 'lfd: (sshd) Failed SSH login from 183.62.231.233 (CN/China/-): 3 in the last 300 secs' - Thu Jul 19 13:27:06 2012

 

Now if I search from admin area for 183.62.231.233, result is "The IP 183.62.231.233 is not blocked on any active cPanel server."

[jclarke]

Now if I search from admin area for 183.62.231.233, result is "The IP 183.62.231.233 is not blocked on any active cPanel server."

 

I'm not able to replicate this issue, I manually added an ip twice to csf.deny and it still removes it.

Does it work for you if the ip is only blocked once? If not, verify that the server is setup in WHMCS with the proper ip, username, and access hash. Also verify you are using the latest csf, you can quickly update to the latest version of csf by running csf -u

 

Also, CSF doesn't allow for an IP address to be in the deny.csf twice unless you add it there manually.

Edited July 21, 2012 by jclarke

[Vinsar]

For single entry it works fine, for multiple entries it does not work.

 

CSF is latest: csf v5.59

 

I will check why CSF is adding multiple entries, from the current entries I can see different time stamp for each entry.

 

Also you need to fix documentation at http://projects.serverping.net/projects/unblockip/wiki/Installation_Instructions

 

{if $unblockip_show}
<li><a href="index.php?m=unblockip">Unblock IP</a></li> {/if}

 

Should be

 

{if $unblockip_isactive}
<li><a href="index.php?m=unblockip">Unblock IP</a></li> {/if}

Edited July 21, 2012 by Vinsar

[Vinsar]

Okay may be because my entries are

 

tcp|in|d=2244|s=79.142.60.194 # 'lfd: (sshd) Failed SSH login from 79.142.60.194 (KZ/Kazakhstan/-): 3 in the last 300 secs' - Sat Jul 21 16:11:41 2012

 

Whereas standard entries are like

79.142.60.194 # 'lfd: (sshd) Failed SSH login from 79.142.60.194 (KZ/Kazakhstan/-): 3 in the last 300 secs' - Sat Jul 21 16:11:41 2012

 

I tried 79.142.60.194, but the result was "The IP 79.142.60.194 is not blocked on any active cPanel server.", while it is not multiple entry.

[jclarke]

Also you need to fix documentation at http://projects.serverping.net/projects/unblockip/wiki/Installation_Instructions

 

Thanks for the heads up, that has been fixed.

[jclarke]

I tried 79.142.60.194, but the result was "The IP 79.142.60.194 is not blocked on any active cPanel server.", while it is not multiple entry.

 

Using that format seems to break csf's ip search feature. For example when you run csf -g 79.142.60.194 , it will return that the ip is blocked but it doesn't return the reason which breaks the regex that the addon module uses so it thinks the ip isn't blocked. That is most likely the reason csf is adding multiple ip blocks in csf.deny as well.