Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.5.x
Author Message
wiz
Involved
Involved


Joined: Oct 09, 2006
Posts: 413
Location: UK

PostPosted: Tue Dec 26, 2006 10:07 am Reply with quote

What are the implications of switching the Invalid IP check in config.php
to TRUE?

A few of my members are experiencing the invalid IP error, and like a few people on here, its bugging the hell out of me. IP2country is imported, i even got one guys range and added it manually to the list of ranges, still no cigar.
So..what does the invalid IP checker do, and more importantly, what does altering this setting mean for the security of my site?


Last edited by wiz on Wed Jan 17, 2007 4:34 pm; edited 1 time in total 
View user's profile Send private message Visit poster's website AIM Address
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Tue Dec 26, 2006 10:18 am Reply with quote

If you are referring to the $bypassNukeSentinelInvalidIPCheck setting, yes, changing that to TRUE should resolve that issue.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
wiz
PostPosted: Tue Dec 26, 2006 10:21 am Reply with quote

but what implications will that have on my security?
Obviously its set to FALSE for a reason?
 
kguske
PostPosted: Tue Dec 26, 2006 10:28 am Reply with quote

NukeSentinel will continue to protect against attacks. The invalid IP check is an extra measure of security that isn't necessary for most sites. It doesn't check against specific attacks - merely the possibility that someone using an invalid IP is likely to being doing so for a malicious reason (think "guilty until proven innocent).

I think the default should be set to TRUE because the associated problems cause too many support issues and most people end up changing it.
 
wiz
PostPosted: Tue Dec 26, 2006 10:30 am Reply with quote

ahhh ok fair enough.
Cheers kguske
 
mo-jo-52
New Member
New Member


Joined: Nov 19, 2006
Posts: 7

PostPosted: Fri Jan 05, 2007 7:28 pm Reply with quote

kguske wrote:
$bypassNukeSentinelInvalidIPCheck setting


Where is this file located? I looked in my config.php and did not see it. I have some people who would like to join my forum but are unable to because of this.

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
Gremmie
Former Moderator in Good Standing


Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Fri Jan 05, 2007 7:41 pm Reply with quote

Add

$bypassNukeSentinelInvalidIPCheck = true;

to your config.php to bypass the invalid IP check.

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9449
Location: Arizona

PostPosted: Sat Jan 06, 2007 8:10 am Reply with quote

:clap: Thanks Gremmie!

That setting was added as a part of RavenNuke 2.02.02 and greater, so it will not be there in a non-RavenNuke installation (most likely). However, just do what Gremmie has suggested. Works great. (It was added to NukeSentinel a few releases ago.)

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
blackplague
Hangin' Around


Joined: Oct 23, 2004
Posts: 25

PostPosted: Mon Feb 05, 2007 4:32 am Reply with quote

You are using an Invalid IP to access this site!

your solution is'nt working for me.I have ravennuke7.6 installed and for no apparent reason when trying to access my site the above comes up instead of my site.Your solution of adding $bypassNukeSentinelInvalidIPCheck = true; to the config.php file is'nt working.


Last edited by blackplague on Mon Feb 05, 2007 6:19 am; edited 2 times in total 
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger
kguske
PostPosted: Mon Feb 05, 2007 5:27 am Reply with quote

Sorry - look in the rnconfig.php file.
 
blackplague
PostPosted: Mon Feb 05, 2007 5:33 am Reply with quote

And where is the rnconfig.php file?There is none in my ravennuke7.6 distro
 
blackplague
PostPosted: Mon Feb 05, 2007 6:17 am Reply with quote

$bypassNukeSentinelInvalidIPCheck = true;

adding this to the config.php file is not getting me in.Very frustrated,can you help?
 
Dawg
RavenNuke(tm) Development Team


Joined: Nov 07, 2003
Posts: 910

PostPosted: Mon Feb 05, 2007 6:21 am Reply with quote

blackplague,
If I recall correctly updating the IP to Country tables resolves that problem. So go to your database and wipe out your IP to country data and then go into Sentinal and let it run through adding the data back.

Dawg
 
View user's profile Send private message
blackplague
PostPosted: Mon Feb 05, 2007 6:39 am Reply with quote

I'm sorry for the real n00b question,but how exactly do i add back the ip2country table.i'm back into my site now so thank you.i droped the ip2country table.when i go to my admin panel nukesentinal the ip2country link isnt there.do i go to mysite/INSTALLATION/installSQL.php?
 
blackplague
PostPosted: Mon Feb 05, 2007 7:02 am Reply with quote

Nope that wasent the solution.i messed up my entire site with the mysite/INSTALLATION/installSQL.php.Having to reinstall ravennuke7.6 all over again with a new db.
 
wiz
PostPosted: Mon Feb 05, 2007 7:15 am Reply with quote

the line that you added to RN 2.0.20 is already present in that file. Delete the line you added. Then look nearer the top. From memory its just below your db information
 
kguske
PostPosted: Mon Feb 05, 2007 9:30 am Reply with quote

rnconfig.php is in the root directory with config.php
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Mon Feb 05, 2007 9:40 am Reply with quote

If you are using RavenNuke(tm) v2.02.02 you will not have an rnconfig.php file. We introduce that in v2.10.00. But, in the config.php file that ships with v2.02.02, you should see

/*********************************************************************/
/* The following settings have been added for use in RavenNuke76 */
/*********************************************************************/
$bypassNukeSentinelInvalidIPCheck = FALSE; //This should only be used (set to TRUE) when testing locally and not in a production environment
$bypassInstallationFolderCheck = FALSE; //This should only be used (set to TRUE) when testing locally and not in a production environment

If you don't see it then you are not using the correct config.php file that ships with v2.02.02.
 
View user's profile Send private message
kguske
PostPosted: Mon Feb 05, 2007 11:35 am Reply with quote

Thanks for the correction on rnconfig, Raven!

blackplague, it might need to be caps, e.g.:
Code:
$bypassNukeSentinelInvalidIPCheck = TRUE; 

I don't know why lower case wouldn't work though.
 
blackplague
PostPosted: Mon Feb 05, 2007 3:30 pm Reply with quote

That worked Thank You
 
Dawg
PostPosted: Mon Feb 05, 2007 4:03 pm Reply with quote

blackplague,
I said data...not TABLES. The last time I had problems with the invalid IP banning everyone that is excatly what I had to do. I killed the data and reloaded the data. It worked like a champ.

Note for the future, If you do not understand....don't do anything. The good part is I bet you are good at doing the install now.

Dawg
 
lilc420
New Member
New Member


Joined: Feb 02, 2007
Posts: 24

PostPosted: Thu Mar 01, 2007 7:30 pm Reply with quote

Dawg wrote:
The good part is I bet you are good at doing the install now. Dawg


LMFAO... that made my day... don't know why. Very Happy
 
View user's profile Send private message
CodyG
Life Cycles Becoming CPU Cycles


Joined: Jan 02, 2003
Posts: 712
Location: Vancouver Island

PostPosted: Mon Mar 19, 2007 6:12 pm Reply with quote

Sorry to bump this ... but some of my users are having issues with this invalid IP thing ... and I have the bypass variable in rnconfig.php set to TRUE.

It seems the common factor in this issue are that they all access the site through a google or other search engine link.

Any ideas? thoughts? fixes?

_________________
"We want to see if life is ubiquitous." D.Goldin 
View user's profile Send private message
wiz
PostPosted: Mon Mar 19, 2007 6:15 pm Reply with quote

CodyG We were told that the latest Senti would fix this (2.5.06) we are now as you know on .07 and i dont think its had a reliable fix yet.. just my opinion.
Even in 2.1 2.5.07 mine is still set to TRUE.
 
jjh221
Worker
Worker


Joined: Dec 05, 2006
Posts: 178

PostPosted: Mon Mar 19, 2007 9:22 pm Reply with quote

is there a security issue setting it to true?
 
View user's profile Send private message
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.5.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©