Jump to content
jclarke

UnBlockIP - Free CSF Unblock Module for WHMCS

Recommended Posts

We have forked the UnblockMe CSF WHMCS Module 2.0 by Franksworld Solutions, LLC and have made several enhancements for our own use. We are releasing our version under the same BSD Modified license as the original.

 

We have made the following changes from the original.

 

  • This is now an addon module for easy installation and upgrades.
  • The unblock ip page is now accessed directly instead having to go to a service.
  • The unblock page/template is themed to match the new default WHMCS template.
  • The menu item is only displayed if the client has an active cPanel service.
  • If the user has multiple active accounts, it will check every cPanel server associated with the client for an ip block.

 

 

For installation instructions and to download the module, please visit our

UnBlockIP Project Page

Share this post


Link to post
Share on other sites

We have added a few more features and have now made version 1.1 available for download.

 

New features for V1.1

 

  • Displays the csf log entry so the client can see the reason why the ip was blocked.
  • Logs successful unblocks in the WHMCS client log.
  • For added security you can set maximum number of unblocks a client can issue in a 5 minute time period. The default is set to 5.

Share this post


Link to post
Share on other sites

very usefull, thanks for sharing!

 

Is there a way i can set 5 unlock in 24hours? 5 unlock every 5 minuts seems to short to me. :)

Share this post


Link to post
Share on other sites
Good Jobs, DirectAdmin is supported

DirectAdmin is not support since we don't use DirectAdmin. If anyone is interested in having DirectAdmin support added, you can PM me if you wish to sponsor the development and can provide a test server.

Share this post


Link to post
Share on other sites
very usefull, thanks for sharing!

 

Is there a way i can set 5 unlock in 24hours? 5 unlock every 5 minuts seems to short to me. :)

 

I'll look at making this a configureable option in the future, until then you can change this by making the following change to the unblockip.php file.

 

Find this function

function number_of_recent_unblocks($whmcs_client_id) {
 $query = "select id from tblactivitylog WHERE userid = " . $whmcs_client_id ." AND (date between DATE_SUB(now(), interval 5 minute) and now()) and description LIKE '%Unblocked the IP Address%'";
 $result = mysql_query($query);
 return mysql_num_rows($result);
}

 

And change the interval in the DATE_SUB call to whatever you would like for example to use 24 hours.

function number_of_recent_unblocks($whmcs_client_id) {
 $query = "select id from tblactivitylog WHERE userid = " . $whmcs_client_id ." AND (date between DATE_SUB(now(), interval 24 hour) and now()) and description LIKE '%Unblocked the IP Address%'";
 $result = mysql_query($query);
 return mysql_num_rows($result);
}

Share this post


Link to post
Share on other sites

Version 1.2 is now available. The main new feature is the ability to search and unblock from the admin area.

 

*You can now search for and unblock an ip across all active cPanel servers from the WHMCS admin area.

*The minute interval for max checks is now a configurable option.

*Made the WHMCS 5.1 template default.

 

For installation instructions and to download the module, please visit our

UnBlockIP Project Page

 

If you anyone has any features you would like added, please let me know, if it is a good idea I'll make sure it gets added to the next release.

Share this post


Link to post
Share on other sites

Wonderfull script. I have installed it and configured properly. However, can you put all the options in the same line like this.

IP Address To Check<----------->Text Box for IP<----------->Unlblock Button

Share this post


Link to post
Share on other sites

jamshed_11946, the output is customizable. Just edit the unblockip.tpl file and you can change the layout to anything you would like.

Share this post


Link to post
Share on other sites
jamshed_11946, the output is customizable. Just edit the unblockip.tpl file and you can change the layout to anything you would like.

 

Thanks but I have the latest version of whmcs installed and there two .tpl files. So, which should I modify to reflect the changes?

Share this post


Link to post
Share on other sites
Thanks but I have the latest version of whmcs installed and there two .tpl files. So, which should I modify to reflect the changes?

 

You should modify the unblockip.tpl file.

 

The other template file isn't used directly, unblockip503.tpl is available for anyone using WHMCS 5.0.3 and should be renamed unblockip.tpl if you are using that version of WHMCS.

Share this post


Link to post
Share on other sites

A quick update, in case anyone uses cPanel reseller accounts in WHMCS instead of root accounts, this is now supported as long as you allow access in the /etc/csf/csf.resellers on each server for each reseller user you use.

 

Version 1.3 has this feature added to it, if you don't need this feature then you can skip this update.

Share this post


Link to post
Share on other sites

Thanks for the script. Please add 3 features.

 

1) Unblock all IPs from ALL servers

2) Unblock all IPs from a specific server

3) Unblock single IP from a specific server

 

Right now I feel like having it unblock the IP from all servers could cause a resource and time drain for a company with many servers.

 

Just some ideas, but great work and thank you!

Share this post


Link to post
Share on other sites

Can you add a security issue to where users can only unblock their IP if they have a web service?

Like in their services, they go to view details and below it will say CSF, unblock your IP so not just anyone can sign up and keep unblocking themselves

Share this post


Link to post
Share on other sites
Can you add a security issue to where users can only unblock their IP if they have a web service?

 

Isn't that how it is now?

AFAIK it only checks IP's on the servers where a client has an active service.

Share this post


Link to post
Share on other sites
Can you add a security issue to where users can only unblock their IP if they have a web service?

Like in their services, they go to view details and below it will say CSF, unblock your IP so not just anyone can sign up and keep unblocking themselves

 

The module already does this, it will only search for and unblock ip addresses on servers that the user has an active service on.

Share this post


Link to post
Share on other sites

Great tool, thanks for sharing.

 

Bug or is it by design?

 

If there are multiple entries for the IP it will be shown as "The IP xyz.xyz.xyz.xyz is not blocked on any active cPanel server."

 

Like I have an entry as:

tcp|in|d=2244|s=183.62.231.233 # 'lfd: (sshd) Failed SSH login from 183.62.231.233 (CN/China/-): 3 in the last 300 secs' - Thu Jul 19 13:25:52 2012

tcp|in|d=2244|s=183.62.231.233 # 'lfd: (sshd) Failed SSH login from 183.62.231.233 (CN/China/-): 3 in the last 300 secs' - Thu Jul 19 13:27:06 2012

 

Now if I search from admin area for 183.62.231.233, result is "The IP 183.62.231.233 is not blocked on any active cPanel server."

Share this post


Link to post
Share on other sites

Now if I search from admin area for 183.62.231.233, result is "The IP 183.62.231.233 is not blocked on any active cPanel server."

 

I'm not able to replicate this issue, I manually added an ip twice to csf.deny and it still removes it.

Does it work for you if the ip is only blocked once? If not, verify that the server is setup in WHMCS with the proper ip, username, and access hash. Also verify you are using the latest csf, you can quickly update to the latest version of csf by running csf -u

 

Also, CSF doesn't allow for an IP address to be in the deny.csf twice unless you add it there manually.

Edited by jclarke

Share this post


Link to post
Share on other sites

For single entry it works fine, for multiple entries it does not work.

 

CSF is latest: csf v5.59

 

I will check why CSF is adding multiple entries, from the current entries I can see different time stamp for each entry.

 

Also you need to fix documentation at http://projects.serverping.net/projects/unblockip/wiki/Installation_Instructions

 

{if $unblockip_show}
<li><a href="index.php?m=unblockip">Unblock IP</a></li> {/if}

 

Should be

 

{if $unblockip_isactive}
<li><a href="index.php?m=unblockip">Unblock IP</a></li> {/if}

Edited by Vinsar

Share this post


Link to post
Share on other sites

Okay may be because my entries are

 

tcp|in|d=2244|s=79.142.60.194 # 'lfd: (sshd) Failed SSH login from 79.142.60.194 (KZ/Kazakhstan/-): 3 in the last 300 secs' - Sat Jul 21 16:11:41 2012

 

Whereas standard entries are like

79.142.60.194 # 'lfd: (sshd) Failed SSH login from 79.142.60.194 (KZ/Kazakhstan/-): 3 in the last 300 secs' - Sat Jul 21 16:11:41 2012

 

I tried 79.142.60.194, but the result was "The IP 79.142.60.194 is not blocked on any active cPanel server.", while it is not multiple entry.

Share this post


Link to post
Share on other sites
I tried 79.142.60.194, but the result was "The IP 79.142.60.194 is not blocked on any active cPanel server.", while it is not multiple entry.

 

Using that format seems to break csf's ip search feature. For example when you run csf -g 79.142.60.194 , it will return that the ip is blocked but it doesn't return the reason which breaks the regex that the addon module uses so it thinks the ip isn't blocked. That is most likely the reason csf is adding multiple ip blocks in csf.deny as well.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated