Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
prekill
Worker
Worker


Joined: Oct 22, 2005
Posts: 201

PostPosted: Thu Aug 07, 2008 12:28 am Reply with quote

Hey guys,

I noticed reccenly to have heavy traffic on my site... didnt really stop to think of that.

Today my site got suspend. I talked with the hosting company they said its a resource abuse. now I got unsuspend and disabled the site using nukesentinel.

Each time I enable the site the number of pepeol is increased very fast and stabilize on about a 100. I sure all of them are bots.

How do I handle this? and ban them from my site?
 
View user's profile Send private message
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Thu Aug 07, 2008 12:56 am Reply with quote

Check the tracked IP's in Sentinel and also check your logs. This should tell you if they are bots and which bots they are.

What version of Nuke are you running?

100 isn't a lot really, so I am surprised your host is qouting resource abuse. May be there is something else causing load on the server, or perhaps it is time to find a new host. Wink
 
View user's profile Send private message
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Thu Aug 07, 2008 2:41 am Reply with quote

You should also check your server error logs as these might show you failed attacks, very often against scripts not even installed.

Ask your host if he uses mod_security and also, to show you are as concenred as them, ask him for a copy of the logs from which he has based his 'high resource useage' so you can see if there is anything in them you can work with.
If your host cannot provide you with those logs and work with you to resolve the problem then the chances are quite high (from my own experiences) that you should change your host as most likely, they have over sold accounts on the server.
 
View user's profile Send private message Send e-mail
prekill
PostPosted: Thu Aug 07, 2008 10:31 am Reply with quote

How much does raven take for hosting?


Last edited by prekill on Thu Aug 07, 2008 10:34 am; edited 2 times in total 
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Thu Aug 07, 2008 10:33 am Reply with quote

You can contact him on Only registered users can see links on this board! Get registered or login! or via PM for that.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
prekill
PostPosted: Thu Aug 07, 2008 10:34 am Reply with quote

nukesentinel says: "There are currently no IP addresses in the database"

whats the problem might be?
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Thu Aug 07, 2008 8:43 pm Reply with quote

IP Tracking is probably not turned on.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
prekill
PostPosted: Fri Aug 08, 2008 2:21 am Reply with quote

How can I make NukeSentinel to act more aggressively?

I turned on IP Tracking yesterday but it still empty.

What are the recommend settings for NukeSentinel and .htaccess?

Thank for the help!
 
jakec
PostPosted: Fri Aug 08, 2008 5:36 am Reply with quote

As soon as you turn on NS it should start tracking straight away. If it's not there may be a problem.
 
prekill
PostPosted: Fri Aug 08, 2008 6:03 am Reply with quote

just checked it again and still nothing... what might be wrong? what should I check?
 
Guardian2003
PostPosted: Fri Aug 08, 2008 6:55 am Reply with quote

I am assuming you installed Nuke Sentienl (tm) yourself so you might want to make sure the edits for mainfile.php were done correctly.
Are you getting any errors when you turn error reporting on in config.php ?
 
prekill
PostPosted: Fri Aug 08, 2008 7:49 am Reply with quote

Umm I looked in my config.php file but cant see anything about error reporting, what should I look for? trying to check nuke senienl edits now.
 
Guardian2003
PostPosted: Fri Aug 08, 2008 8:47 am Reply with quote

In nukes config file you should see something like this;
Code:
$display_errors = false;
and it needs to be changed to
Code:
$display_errors = true;
to turn error reporting on.
 
prekill
PostPosted: Fri Aug 08, 2008 10:28 am Reply with quote

nop, I dont have $display_errors in my config.php file.

heres my config.php:

Code:


<?php

######################################################################
# PHP-NUKE:
# ============================================
#
# (c) 2005 Francisco Burzi (fbc@mandrakesoft.com)
# http://phpnuke.org
#
#
#
# This program is free software. You can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License.
######################################################################

######################################################################
# Database & System Config
#
# dbhost:        (localhost )
# dbuname:     
# dbpass:       
# dbname:       
# $prefix:      Your Database table's prefix
# $user_prefix: Your Users' Database table's prefix (To share it)
# $dbtype:      . :
#               MySQL, mysql4, postgres, mssql, oracle, msaccess,
#               db2 and mssql-odbc
#               Be sure to write it exactly as above, case SeNsItIvE!
# $sitekey:   Security Key. CHANGE it to whatever you want, as long
#               as you want. Just don't use quotes.
# $gfx_chk:    ,
#       GD :
#      0:
#      1:
#      2:
#      3:
#      4:
#      5:
#      6:
#      7:
#      : , 0
# $subscription_url: If you manage subscriptions on your site, you
#                    must write here the url of the subscription
#                    information/renewal page. This will send by
#                    email if set.
# $admin_file: Administration panel filename. "admin" by default for
#         "admin.php". To improve security please rename the file
#              "admin.php" and change the $admin_file value to the
#              new filename (without the extension .php)
######################################################################

$dbhost = "localhost";
$dbuname = "*******";
$dbpass = "*******";
$dbname = "****";
$prefix = "****";
$user_prefix = "*****";
$dbtype = "********";
$sitekey = "*********";
$gfx_chk = 3;
$subscription_url = "";
$admin_file = "admin";

/*********************************************************************/
/* You finished to configure the Database. Now you can change all    */
/* you want in the Administration Section.   To enter just launch    */
/* you web browser pointing to http://yourdomain.com/admin.php       */
/*                                                                   */
/* Remeber to go to Settings section where you can configure your    */
/* new site. In that menu you can change all you need to change.     */
/*                                                                   */
/* Congratulations! now you have an automated news portal!           */
/* Thanks for choose PHP-Nuke: The Future of the Web                 */
/*********************************************************************/

// DO NOT TOUCH ANYTHING BELOW THIS LINE UNTIL YOU KNOW WHAT YOU'RE DOING

$reasons = array("As Is",
          "Offtopic",
          "Flamebait",
          "Troll",
          "Redundant",
          "Insighful",
          "Interesting",
          "Informative",
          "Funny",
          "Overrated",
          "Underrated");
$badreasons = 4;
$advanced_editor = 0;
$AllowableHTML = array(
   'a' => array('href' => 1, 'target' => 1, 'title' => array('minlen' => 4, 'maxlen' => 120)),
   'b' => array(),
   'blockquote' => array(),
   'br' => array(),
   'center' => array(),
   'div' => array('align' => 1),
   'em' => array(),
   'font' => array('face' => 1, 'style' => 1, 'color' => 1, 'size' => array('minval' => 1, 'maxval' => 7)),
   'h1'=>array(),
   'h2'=>array(),
   'h3'=>array(),
   'h4'=>array(),
   'h5'=>array(),
   'h6'=>array(),
   'hr' => array(),
   'i' => array(),
   'img' => array('alt' => 1, 'src' => 1, 'hspace' => 1, 'vspace' => 1, 'width' => 1, 'height' => 1, 'border' => 1, 'align' => 1),
   'li' => array(),
   'ol' => array(),
   'p' => array('align' => 1),
   'pre' => array('align' => 1),
   'span' =>array('class' => 1, 'style' => array('font-family' => 1, 'color' => 1)),
   'strong' => array(),
   'strike'=>array(),
   'sub'=>array(),
   'sup'=>array(),
   'table' => array('align' => 1, 'border' => 1, 'cell' => 1, 'width' => 1, 'cellspacing' => 1, 'cellpadding' => 1),
   'td' => array('align' => 1, 'width' => 1, 'valign' => 1, 'height' => 1, 'rowspan' => 1, 'colspan' => 1 ),
   'tr' => array('align' => 1),
   'tt'=>array(),
   'u' => array(),
   'ul' => array(),
);
$CensorList = array("f***",
          "cunt",
          "f***er",
          "f***ing",
          "pussy",
          "cock",
          "c0ck",
          "cum",
          "twat",
          "clit",
          "bitch",
          "fuk",
          "fuking",
          "motherfucker");
$tipath = "images/topics/";
if (stristr($_SERVER['SCRIPT_NAME'], "config.php")) {
    Header("Location: index.php");
    die();
}

?>
 
Guardian2003
PostPosted: Fri Aug 08, 2008 10:40 am Reply with quote

I would be extremely worried about using what you have.
I am going to assume the the strange characters are deliberate and came with the distro BUT my concern here is that the validation check which helps to protects this file from being publicly viewed (and therefore someone could see you real database onnection details) has been placed incorrectly at the bottom of the file at it should be the first thing in the file after the credits.

I do not wish to alarm you but I have to ask where you got these files from - if there is any chance that other files have been similarly modified you are extremely vulnerable.
 
prekill
PostPosted: Fri Aug 08, 2008 11:17 am Reply with quote

umm its an hebrew phpnuke version.

Should I upgrade to ravens?

If so how can I do this without loosing all my data?

(my site is pretty big, about helf a milion page hits per month.. I have just disabled the site using nukesentinel until fixing and clearefy this subject.)
 
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Fri Aug 08, 2008 11:22 am Reply with quote

You will not loose your data but the language isnt supported by RavenNuke.

I would suggest open a new thread under NukeSentinel and post your Nuke Version Patch version Forums version and Nuke Sentinel Version and issues with NukeSentinel there.I quess NS is just not configured correctly.
 
View user's profile Send private message
prekill
PostPosted: Fri Aug 08, 2008 12:56 pm Reply with quote

umm can you please give me more information about the upgrade prosses, how is it done? what should I do? I think I have version 7.0 with no patch.

p.s I want to keep all my modules and everything..

language isnt a big problem, I am even whiling to translate and share with everyone so it will be supported by RavenNuke in the future.
 
Susann
PostPosted: Fri Aug 08, 2008 1:05 pm Reply with quote

Without Patch NukeSentinel will not work.
Here are many entires how to switch over to RavenNuke from different version of Nuke and beneed this at:
Only registered users can see links on this board! Get registered or login!

and there under "Upgrading" you will find more detailed information how to do this.

Hope this helps.
In the meantime put in your .htacces in your root something to deny all bad bots. Also add crawl delay 5 or higher to your robots.txt

e.g.


#
Quote:
The next lines check for Email Spammers Robots and f or redirect them to a fake page
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^Alexibot [OR]
RewriteCond %{HTTP_USER_AGENT} ^asterias [OR]
RewriteCond %{HTTP_USER_AGENT} ^BackDoorBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^Black.Hole [OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^BlowFish [OR]
RewriteCond %{HTTP_USER_AGENT} ^BotALot [OR]
RewriteCond %{HTTP_USER_AGENT} ^BuiltBotTough [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bullseye [OR]
RewriteCond %{HTTP_USER_AGENT} ^BunnySlippers [OR]
RewriteCond %{HTTP_USER_AGENT} ^Cegbfeieh [OR]
RewriteCond %{HTTP_USER_AGENT} ^CheeseBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^CherryPicker [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^CopyRightCheck [OR]
RewriteCond %{HTTP_USER_AGENT} ^cosmos [OR]
RewriteCond %{HTTP_USER_AGENT} ^Crescent [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DittoSpyder [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^DTS\ Agent [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^EroCrawler [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Foobot [OR]
RewriteCond %{HTTP_USER_AGENT} ^FrontPage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^Googlebot-Image [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^Harvest [OR]
RewriteCond %{HTTP_USER_AGENT} ^hloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} ^httplib [OR]
RewriteCond %{HTTP_USER_AGENT} ^HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^humanlinks [OR]
RewriteCond %{HTTP_USER_AGENT} ^IBM_Planetwide [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InfoNaviRobot [OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JennyBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Kenjin.Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Keyword.Density [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^LexiBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^libWeb/clsHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkextractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkScan/8.1a.Unix [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkWalker [OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mata.Hari [OR]
RewriteCond %{HTTP_USER_AGENT} ^Microsoft.URL [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIIxpc [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister.PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^moget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla/3.Mozilla/2.01 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*NEWT [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetMechanic [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^NICErsPRO [OR]
RewriteCond %{HTTP_USER_AGENT} ^NPBot [OR]
RewriteCond %{HTTP_USER_AGENT} "Nutch" [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline.Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^Openfind [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^ProPowerBot/2.14 [OR]
RewriteCond %{HTTP_USER_AGENT} ^ProWebWalker [OR]
RewriteCond %{HTTP_USER_AGENT} ^ProWebWalker [OR]
RewriteCond %{HTTP_USER_AGENT} ^QueryN.Metasearch [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^RepoMonkey [OR]
RewriteCond %{HTTP_USER_AGENT} ^RMA [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SlySearch [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SpankBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^spanner [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^suzuran [OR]
RewriteCond %{HTTP_USER_AGENT} ^Szukacz/1.4 [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^Telesoft [OR]
RewriteCond %{HTTP_USER_AGENT} ^The.Intraformant [OR]
RewriteCond %{HTTP_USER_AGENT} ^TheNomad [OR]
RewriteCond %{HTTP_USER_AGENT} ^TightTwatBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^Titan [OR]
RewriteCond %{HTTP_USER_AGENT} ^toCrawl/UrlDispatcher [OR]
RewriteCond %{HTTP_USER_AGENT} ^toCrawl/UrlDispatcher [OR]
RewriteCond %{HTTP_USER_AGENT} ^True_Robot [OR]
RewriteCond %{HTTP_USER_AGENT} ^turingos [OR]
RewriteCond %{HTTP_USER_AGENT} ^TurnitinBot/1.5 [OR]

RewriteCond %{HTTP_USER_AGENT} ^TurnitinBot/2.0 [OR]
RewriteCond %{HTTP_USER_AGENT} ^TurnitinBot/2.1 [OR]
RewriteCond %{HTTP_USER_AGENT} ^URLy.Warning [OR]
RewriteCond %{HTTP_USER_AGENT} ^User-Agent [OR]
RewriteCond %{HTTP_USER_AGENT} ^VCI [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWeasel [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebBandit [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEMailExtrac.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEnhancer [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web.Image.Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebmasterWorldForumBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website.Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^Webster.Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZip [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWW-Collector-E [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Yeti/0.01 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xenu's [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]
 
Susann
PostPosted: Fri Aug 08, 2008 1:26 pm Reply with quote

Find out if your site is patched if not get the patch because you cant run a Nuke site without.
 
prekill
PostPosted: Fri Aug 08, 2008 1:36 pm Reply with quote

this is what I got:

is this ok?

Code:


RewriteEngine on

#The next lines check for Email Spammers Robots and redirect them to a fake page
RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^LWP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial [OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [OR]
RewriteCond %{HTTP_USER_AGENT} ^NaverBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^Twiceler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Yeti [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Alexibot                [OR]
RewriteCond %{HTTP_USER_AGENT} ^asterias                [OR]
RewriteCond %{HTTP_USER_AGENT} ^BackDoorBot             [OR]
RewriteCond %{HTTP_USER_AGENT} ^Black.Hole              [OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow              [OR]
RewriteCond %{HTTP_USER_AGENT} ^BlowFish                [OR]
RewriteCond %{HTTP_USER_AGENT} ^BotALot                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^BuiltBotTough           [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bullseye                [OR]
RewriteCond %{HTTP_USER_AGENT} ^BunnySlippers           [OR]
RewriteCond %{HTTP_USER_AGENT} ^Cegbfeieh               [OR]
RewriteCond %{HTTP_USER_AGENT} ^CheeseBot               [OR]
RewriteCond %{HTTP_USER_AGENT} ^CherryPicker            [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw               [OR]
RewriteCond %{HTTP_USER_AGENT} ^CopyRightCheck          [OR]
RewriteCond %{HTTP_USER_AGENT} ^cosmos                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^Crescent                [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^DittoSpyder             [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon         [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber              [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailCollector          [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon             [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf               [OR]
RewriteCond %{HTTP_USER_AGENT} ^EroCrawler              [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures    [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro            [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE                [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet                [OR]
RewriteCond %{HTTP_USER_AGENT} ^Foobot                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^FrontPage               [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight                [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb!                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It         [OR]
RewriteCond %{HTTP_USER_AGENT} ^Googlebot-Image         [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla                [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Harvest                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^hloader                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^httplib                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^HTTrack                 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^humanlinks              [OR]
RewriteCond %{HTTP_USER_AGENT} ^ia_archiver             [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper         [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker           [OR]
RewriteCond %{HTTP_USER_AGENT} ^Indy\ Library           [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InfoNaviRobot           [OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET                [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja         [OR]
RewriteCond %{HTTP_USER_AGENT} ^JennyBot                [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider        [OR]
RewriteCond %{HTTP_USER_AGENT} ^Kenjin.Spider           [OR]
RewriteCond %{HTTP_USER_AGENT} ^Keyword.Density         [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP                [OR]
RewriteCond %{HTTP_USER_AGENT} ^LexiBot                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^libWeb/clsHTTP          [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkextractorPro        [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkScan/8.1a.Unix      [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkWalker              [OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial             [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader        [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mata.Hari               [OR]
RewriteCond %{HTTP_USER_AGENT} ^Microsoft.URL           [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool            [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIIxpc                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister.PiX              [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX             [OR]
RewriteCond %{HTTP_USER_AGENT} ^moget                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla/2               [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla/3.Mozilla/2.01  [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*NEWT           [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite                [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetMechanic             [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider               [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire            [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^NICErsPRO               [OR]
RewriteCond %{HTTP_USER_AGENT} ^NPBot                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline.Explorer        [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer       [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator      [OR]
RewriteCond %{HTTP_USER_AGENT} ^Openfind                [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber             [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto              [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser               [OR]
RewriteCond %{HTTP_USER_AGENT} ^ProPowerBot/2.14        [OR]
RewriteCond %{HTTP_USER_AGENT} ^ProWebWalker            [OR]
RewriteCond %{HTTP_USER_AGENT} ^ProWebWalker            [OR]
RewriteCond %{HTTP_USER_AGENT} ^QueryN.Metasearch       [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^RepoMonkey              [OR]
RewriteCond %{HTTP_USER_AGENT} ^RMA                     [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger             [OR]
RewriteCond %{HTTP_USER_AGENT} ^SlySearch               [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload           [OR]
RewriteCond %{HTTP_USER_AGENT} ^SpankBot                [OR]
RewriteCond %{HTTP_USER_AGENT} ^spanner                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot                [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP               [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^suzuran                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Szukacz/1.4             [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport                [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro           [OR]
RewriteCond %{HTTP_USER_AGENT} ^Telesoft                [OR]
RewriteCond %{HTTP_USER_AGENT} ^The.Intraformant        [OR]
RewriteCond %{HTTP_USER_AGENT} ^TheNomad                [OR]
RewriteCond %{HTTP_USER_AGENT} ^TightTwatBot            [OR]
RewriteCond %{HTTP_USER_AGENT} ^Titan                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^toCrawl/UrlDispatcher   [OR]
RewriteCond %{HTTP_USER_AGENT} ^toCrawl/UrlDispatcher   [OR]
RewriteCond %{HTTP_USER_AGENT} ^True_Robot              [OR]
RewriteCond %{HTTP_USER_AGENT} ^turingos                [OR]
RewriteCond %{HTTP_USER_AGENT} ^TurnitinBot/1.5         [OR]
RewriteCond %{HTTP_USER_AGENT} ^URLy.Warning            [OR]
RewriteCond %{HTTP_USER_AGENT} ^VCI                     [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto                 [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebBandit               [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier               [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEMailExtrac.*        [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEnhancer             [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch                [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS               [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web.Image.Collector     [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector   [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher              [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebmasterWorldForumBot  [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper               [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger               [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor      [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website.Quester         [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester        [OR]
RewriteCond %{HTTP_USER_AGENT} ^Webster.Pro             [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper             [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker             [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker              [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZip                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget                    [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow                   [OR]
RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit         [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWW-Collector-E         [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE                [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider       [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xenu's                  [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.*$ http://127.0.0.1 [R,L]

#Check for Santy Worms and redirect them to a fake page
RewriteCond %{HTTP_USER_AGENT} ^LWP                   [NC,OR]
RewriteCond %{REQUEST_URI} ^visualcoders              [NC,OR]
RewriteCond %{QUERY_STRING} rush=([^&]+)              [NC,OR]
RewriteCond %{REQUEST_URI} ^envidiosos                [NC,OR]
RewriteCond %{REQUEST_URI} ^civa                      [NC,OR]
#variant-6 redirect all inner http:// request
RewriteCond %{QUERY_STRING} ^(.*)http://(.*)            [NC,OR]
#variant-7 redirect all inner http request regardless if encoded
RewriteCond %{QUERY_STRING} ^(.*)http%3A%2F%2F(.*)      [NC]
RewriteRule ^.*$ http://127.0.0.1 [R,L]

#Index
RewriteRule ^index.html index.php

#Articles
RewriteRule ^article-([0-9]*)-([a-z]*)-([0-9]*)-([0-9]*).html modules.php?name=News&file=article&sid=$1&mode=$2&order=$3&thold=$4
RewriteRule ^article-([0-9-]*)-([a-z]*)-([0-9]*)-([0-9]*).html([0-9#]*) modules.php?name=News&file=article&thold=$1&mode=$2&order=$3&sid=$4$5
RewriteRule ^article-topic([0-9]*)-page([0-9]*).html modules.php?name=News&new_topic=$1&start=$2
RewriteRule ^article-category([0-9]*)-page([0-9]*).html modules.php?name=News&file=categories&op=newindex&catid=$1&start=$2
RewriteRule ^article-category-([0-9]*).html modules.php?name=News&file=categories&op=newindex&catid=$1
RewriteRule ^article-print-([0-9]*).html modules.php?name=News&file=print&sid=$1
RewriteRule ^article-friend-([0-9]*).html modules.php?name=News&file=friend&op=FriendSend&sid=$1
RewriteRule ^article-page-([0-9]*).html modules.php?name=News&start=$1
RewriteRule ^article([1-9][0-9]*).* modules.php?name=News&file=article&sid=$1
RewriteRule ^article-topic-([0-9]*).html modules.php?name=News&new_topic=$1
RewriteRule ^allnews.html modules.php?name=News&file=allindex
RewriteRule ^news.html news.html

#AvantGo
RewriteRule ^avantgo-print-([0-9]*).html modules.php?name=AvantGo&file=print&sid=$1
RewriteRule ^avantgo.html avantgo.html

#Content
RewriteRule ^content-([0-9]*)-page([0-9]*).html modules.php?name=Content&pa=showpage&pid=$1&page=$2
RewriteRule ^content-cat-([0-9]*).html modules.php?name=Content&pa=list_pages_categories&cid=$1
RewriteRule ^content-([0-9]*).html modules.php?name=Content&pa=showpage&pid=$1
RewriteRule ^content.html content.html

#Downloads
RewriteRule ^downloadview-(comments|details|editorial)-([0-9]*)-([[:punct:]/:\-\'{}()._&a-zA-Z0-9+=]*).html modules.php?name=Downloads&d_op=viewdownload$1&lid=$2&ttitle=$3
RewriteRule ^download-mod-([0-9]*).html modules.php?name=Downloads&d_op=modifydownloadrequest&lid=$1
RewriteRule ^download-broken-([0-9]*).html modules.php?name=Downloads&d_op=brokendownload&lid=$1
RewriteRule ^download-shownew-([0-9]*).html modules.php?name=Downloads&d_op=NewDownloads&newdownloadshowdays=$1
RewriteRule ^download-seldate-([a-zA-Z0-9+]*).html modules.php?name=Downloads&d_op=NewDownloadsDate&selectdate=$1
RewriteRule ^download-file-([0-9]*).html modules.php?name=Downloads&d_op=getit&lid=$1
RewriteRule ^ratedownload-([0-9]*)-([[:punct:]/:\-\'{}()._&a-zA-Z0-9+=]*).html modules.php?name=Downloads&d_op=ratedownload&lid=$1&ttitle=$2
RewriteRule ^ratedownload-([0-9]*).html modules.php?name=Downloads&d_op=ratedownload&lid=$1
RewriteRule ^download-(TopRated|MostPopular)-([0-9]*)-(num|percent).html modules.php?name=Downloads&d_op=$1&ratenum=$2&ratetype=$3
RewriteRule ^downloads-(AddDownload|NewDownloads|MostPopular|TopRated).html modules.php?name=Downloads&d_op=$1
RewriteRule ^download([0-9]*)-orderby([a-zA-Z0-9+]*).html modules.php?name=Downloads&d_op=viewdownload&cid=$1&orderby=$2
RewriteRule ^download([0-9]*)-([0-9]*)-([a-zA-Z0-9+]*)-([0-9]*).html modules.php?name=Downloads&d_op=viewdownload&cid=$1&min=$2&orderby=$3&show=$4
RewriteRule ^download-search-([[:punct:]/:\-\'{}()._&a-zA-Z0-9+=]*)-([0-9]*)-([a-zA-Z0-9+]*)-([0-9]*).html modules.php?name=Downloads&d_op=search&query=$1&min=$2&orderby=$3&show=$4
RewriteRule ^download-search-([[:punct:]/:\-\'{}()._&a-zA-Z0-9+=]*)-([a-zA-Z0-9+]*).html modules.php?name=Downloads&d_op=search&query=$1&orderby=$2
RewriteRule ^download-search-([[:punct:]/:\-\'{}()._&a-zA-Z0-9+=]*).html modules.php?name=Downloads&d_op=search&query=$1
RewriteRule ^download-outside-([0-9]*).html modules.php?name=Downloads&d_op=outsidedownloadsetup&lid=$1
RewriteRule ^downloads-cat([0-9]*).html modules.php?name=Downloads&d_op=viewdownload&cid=$1
RewriteRule ^downloads.html downloads.html

#Encyclopedia
RewriteRule ^encyclopedia-([0-9]*)-page([0-9]*)-([a-zA-Z0-9_-]*).html modules.php?name=Encyclopedia&op=content&tid=$1&page=$2&query=$3
RewriteRule ^encyclopedia-([0-9]*)-page([0-9]*).html modules.php?name=Encyclopedia&op=content&tid=$1&page=$2
RewriteRule ^encyclopedia-([0-9]*)-([a-zA-Z0-9_-]*).html modules.php?name=Encyclopedia&op=content&tid=$1&query=$2
RewriteRule ^encyclopedia-([0-9]*).html modules.php?name=Encyclopedia&op=content&tid=$1
RewriteRule ^encyclopedia-list-([0-9]*).html modules.php?name=Encyclopedia&op=list_content&eid=$1
RewriteRule ^encyclopedia-terms([0-9]*)-([A-Z]*).html modules.php?name=Encyclopedia&op=terms&eid=$1&ltr=$2
RewriteRule ^encyclopedia-search-([a-zA-Z0-9_-]*).html modules.php?name=Encyclopedia&file=search&query=$1
RewriteRule ^encyclopedia-search.html modules.php?name=Encyclopedia&file=search
RewriteRule ^encyclopedia.html encyclopedia.html

#Feedback
RewriteRule ^feedback.html feedback.html

#FAQ
RewriteRule ^faq.html faq.html
RewriteRule ^faq-([0-9]*)-([a-zA-Z0-9\+\&\-\/%[:punct:]\.\;]*).html modules.php?name=FAQ&myfaq=yes&id_cat=$1&categories=$2

#Forums
RewriteRule ^ftopic-([0-9]*)-([0-9]*)-days([0-9]*)-order(desc|asc)-([A-Za-z0-9_-]*).html modules.php?name=Forums&file=viewtopic&t=$1&start=$2&postdays=$3&postorder=$4&highlight=$5
RewriteRule ^ftopic-([0-9]*)-days([0-9]*)-order(desc|asc)-([0-9]*).html modules.php?name=Forums&file=viewtopic&t=$1&postdays=$2&postorder=$3&start=$4
RewriteRule ^ftopic-([0-9]*)-([0-9]*).html modules.php?name=Forums&file=viewtopic&t=$1&start=$2
RewriteRule ^ftopic-([0-9]*)-(previous|next).html modules.php?name=Forums&file=viewtopic&t=$1&view=$2
RewriteRule ^ftopic(t|p)-([0-9]*)-([A-Za-z0-9_-]*).html modules.php?name=Forums&file=viewtopic&$1=$2&highlight=$3
RewriteRule ^ftopic-([0-9]*)-(watch|unwatch)-([0-9]*).html modules.php?name=Forums&file=viewtopic&t=$1&$2=topic&start=$3
RewriteRule ^ftopic(t|p)-([0-9]*).html modules.php?name=Forums&file=viewtopic&$1=$2
RewriteRule ^ftopic(t|p)-([0-9]*).html#([0-9]*) modules.php?name=Forums&file=viewtopic&$1=$2#$3
RewriteRule ^forum-editprofile.html forum-editprofile.html
RewriteRule ^forum-userprofile-([0-9]*).html forum-userprofile-.html$1
RewriteRule ^forum-register-new.html forum-register-new.html
RewriteRule ^forum-register-coppa.html forum-register-coppa.html
RewriteRule ^forum-register.html forum-register.html
RewriteRule ^forums-posting.html forums-posting.html
RewriteRule ^forum-faq-bbcode.html forum-faq-bbcode.html
RewriteRule ^ftopic-post-([0-9]*).html ftopic-post-.html$1
RewriteRule ^ftopic-vote-([0-9]*).html ftopic-vote-.html$1
RewriteRule ^ftopic-new-([0-9]*).html ftopic-new-.html$1
RewriteRule ^ftopic-reply-([0-9]*).html ftopic-reply-.html$1
RewriteRule ^ftopic-edit-([0-9]*).html ftopic-edit-.html$1
RewriteRule ^ftopic-smilies.html ftopic-smilies.html
RewriteRule ^ftopic-quote-([0-9]*).html ftopic-quote-.html$1
RewriteRule ^forum-posting.html modules.php?name=Forums&file=posting
RewriteRule ^forums-group([0-9]*).html forums-group.html$1
RewriteRule ^fsearch-([0-9]*)-([0-9]*).html modules.php?name=Forums&file=search&search_id=$1&start=$2
RewriteRule ^fsearch-(unanswered|egosearch|newposts).html modules.php?name=Forums&file=search&search_id=$1
RewriteRule ^fsearch-results.html fsearch-results.html
RewriteRule ^forums-([^index][a-zA-Z0-9_-]*).html modules.php?name=Forums&file=$1
RewriteRule ^forum-c([0-9]*).html forum-c.html$1
RewriteRule ^forum-mark.html forum-mark.html
RewriteRule ^forums.html modules.php?name=Forums&file=index
RewriteRule ^forum-viewonline.html forum-viewonline.html
RewriteRule ^forum-([0-9]*)-days([0-9]*)-([0-9]*).html modules.php?name=Forums&file=viewforum&f=$1&topicdays=$2&start=$3
RewriteRule ^forum-([0-9]*)-([0-9]*).html modules.php?name=Forums&file=viewforum&f=$1&start=$2
RewriteRule ^forum-([0-9]*)-mark.html modules.php?name=Forums&file=viewforum&f=$1&mark=topics
RewriteRule ^forum-([0-9]*).html modules.php?name=Forums&file=viewforum&f=$1
RewriteRule ^forums.html forums.html

#Journal
RewriteRule ^journal-search-([a-zA-Z0-9]*).html modules.php?name=Journal&file=search&bywhat=aid&exact=1&forwhat=$1
RewriteRule ^journal(search|delete|commentkill)-(bywhat|jid|onwhat)([a-zA-Z0-9]*)-(forwhat|ref)([a-zA-Z0-9]*).html modules.php?name=Journal&file=$1&$2=$3&$4=$5
RewriteRule ^journal-search-([0-9]*)-([a-zA-Z0-9_-]*).html modules.php?name=Journal&file=search&bywhat=$1&forwhat=$2
RewriteRule ^journal-([a-zA-Z0-9+]*)-(jid|onwhat|disp|op|disp)-([a-zA-Z0-9+]*).html modules.php?name=Journal&file=$1&$2=$3
RewriteRule ^journal-edit.html modules.php?name=Journal&file=edit
RewriteRule ^journal(file|op)-([a-zA-Z0-9]*).html modules.php?name=Journal&$1=$2
RewriteRule ^journal.html journal.html

#Members List
RewriteRule ^members.html members.html

#Private Messages
RewriteRule ^messages-read-(savebox|inbox|outbox|sentbox)-([0-9]*).html modules.php?name=Private_Messages&file=index&folder=$1&mode=read&p=$2
RewriteRule ^messages-start-(savebox|inbox|outbox|sentbox)-([0-9]*).html modules.php?name=Private_Messages&file=index&folder=$1&start=$2
RewriteRule ^messages-(reply|quote)-([0-9]*).html modules.php?name=Private_Messages&file=index&mode=$1&p=$2
RewriteRule ^messages-post-([0-9]*).html messages-post-.html$1
RewriteRule ^messages-new.html modules.php?name=Private_Messages&file=index&mode=post
RewriteRule ^messages-(sentbox|inbox|savebox|outbox).html modules.php?name=Private_Messages&file=index&folder=$1
RewriteRule ^messages-popup.html messages-popup.html
RewriteRule ^messages.html messages.html

#Recommend Us
RewriteRule ^recommend.html recommend.html

#Reviews
RewriteRule ^reviews-new.html modules.php?name=Reviews&rop=write_review
RewriteRule ^reviews-preview.html modules.php?name=Reviews&rop=preview_review
RewriteRule ^reviews-([0-9]*)-page([0-9]*).html modules.php?name=Reviews&rop=showcontent&id=$1&page=$2
RewriteRule ^reviews-([0-9]*).html modules.php?name=Reviews&rop=showcontent&id=$1
RewriteRule ^reviews-comment-([0-9]*)-([[:punct:]?/:\-\'{}()._&a-zA-Z0-9+=\%]*).* modules.php?name=Reviews&rop=postcomment&id=$1&title=$2
RewriteRule ^reviews-([0-9]*)-delete.html modules.php?name=Reviews&rop=del_review&id_del=$1
RewriteRule ^reviews-([0-9]*)-edit.html modules.php?name=Reviews&rop=mod_review&id=$1
RewriteRule ^reviews-([0-9]*)-delcomment-([0-9]*).html modules.php?name=Reviews&rop=del_comment&cid=$1&id=$2
RewriteRule ^reviews-([a-zA-Z0-9]*)-orderby-([a-z]*)-([a-zA-Z]*).html modules.php?name=Reviews&rop=$1&field=$2&order=$3
RewriteRule ^reviews-sortby-([a-zA-Z0-9]*).html modules.php?name=Reviews&rop=$1
RewriteRule ^reviews.html reviews.html

#Search
RewriteRule ^search-([a-zA-Z0-9]*)-([0-9]*)-([0-9]*)-([a-zA-Z0-9]*)-([a-zA-Z]*)-([0-9]*).html modules.php?name=Search&author=$1&topic=$2&min=$3&query=$4&type=$5&category=$6
RewriteRule ^search-([a-zA-Z0-9]*)-([0-9]*)-([0-9]*)-([a-zA-Z0-9]*)-([a-zA-Z]*).html modules.php?name=Search&author=$1&topic=$2&min=$3&query=$4&type=$5
RewriteRule ^search-author-([a-zA-Z0-9]*).html modules.php?name=Search&author=$1
RewriteRule ^search-([a-zA-Z0-9_-]*)-([a-zA-Z0-9_-]*).html modules.php?name=Search&query=$1&author=$2
RewriteRule ^search-([0-9]*).html modules.php?name=Search&query=&topic=$1
RewriteRule ^search-users.html modules.php?name=Search&type=users
RewriteRule ^search.html* search.html

#Sections
RewriteRule ^sections-viewarticle([0-9]*)-page([0-9]*).html modules.php?name=Sections&op=viewarticle&artid=$1&page=$2
RewriteRule ^sections-(printpage|viewarticle)-([0-9]*).html modules.php?name=Sections&op=$1&artid=$2
RewriteRule ^sections-listarticles-([0-9]*).html modules.php?name=Sections&op=listarticles&secid=$1
RewriteRule ^sections.html modules.php?name=Sections

#Statistics
RewriteRule ^stats-([0-9]*)-([0-9]*)-([0-9]*).html modules.php?name=Statistics&op=DailyStats&year=$1&month=$2&date=$3
RewriteRule ^stats-([0-9]*)-([0-9]*).html modules.php?name=Statistics&op=MonthlyStats&year=$1&month=$2
RewriteRule ^stats-([0-9]*).html modules.php?name=Statistics&op=YearlyStats&year=$1
RewriteRule ^advstats.html modules.php?name=Statistics&op=Stats
RewriteRule ^stats.html stats.html

#Stories Archive
RewriteRule ^archive.html archive.html
RewriteRule ^archive-showall.html modules.php?name=Stories_Archive&sa=show_all
RewriteRule ^archive-([0-9]*)-([0-9]*)-([a-zA-Z]*).* modules.php?name=Stories_Archive&sa=show_month&year=$1&month=$2&month_l=$3

#Surveys
RewriteRule ^survey-results-([0-9]*)-([a-z]*)-([0-9]*)-([0-9\-]*).html modules.php?name=Surveys&op=results&pollID=$1&mode=$2&order=$3&thold=$4
RewriteRule ^survey-results-([0-9]*).html modules.php?name=Surveys&op=results&pollID=$1
RewriteRule ^survey-([0-9]*).html modules.php?name=Surveys&pollID=$1
RewriteRule ^survey-comment-([0-9]*)-(tid|pid)-([0-9]*)-([a-z]*)-([0-9]*)-([0-9\-]*).html modules.php?name=Surveys&file=comments&pollID=$1&$2=$3&mode=$4&order=$5&thold=$6
RewriteRule ^survey-commreply-([0-9]*)-([0-9]*)-([a-z]*)-([0-9]*)-([0-9\-]*).html modules.php?name=Surveys&file=comments&op=Reply&pid=$1&pollID=$2&mode=$3&order=$4&thold=$5
RewriteRule ^survey-showreply-([0-9]*)-([0-9]*)-([0-9]*)-([a-z]*)-([0-9]*)-([0-9\-]*).html modules.php?name=Surveys&file=comments&op=showreply&tid=$1&pollID=$2&pid=$3&mode=$4&order=$5&thold=$6
RewriteRule ^survey-showreply-([0-9]*)-([a-z]*)-([0-9]*)-([0-9\-]*).html modules.php?name=Surveys&file=comments&op=showreply&tid=$1&mode=$2&order=$3&thold=$4
RewriteRule ^survey-comments.html modules.php?name=Surveys&file=comments
RewriteRule ^surveys.html surveys.html

#Submit_News
RewriteRule ^submit.html submit.html

#Topics
RewriteRule ^topics.html topics.html

#Top10
RewriteRule ^top-([[:print:]]*).html modules.php?name=Top&zx=$1
RewriteRule ^top.html top.html

#WebLinks
RewriteRule ^viewlinkcomments-([0-9]+)-([[:punct:]/:\-\'(){}.&=_a-zA-Z0-9\ ]*).html modules.php?name=Web_Links&l_op=viewlinkcomments&lid=$1&ttitle=$2
RewriteRule ^viewlinkdetails-([0-9]+)-([[:punct:]/:\-\'(){}.&=_a-zA-Z0-9\ ]*).html modules.php?name=Web_Links&l_op=viewlinkdetails&lid=$1&ttitle=$2
RewriteRule ^vieweditorial-([0-9]+)-([[:punct:]/:\-\'(){}.&=_a-zA-Z0-9\ ]*).html modules.php?name=Web_Links&l_op=viewlinkeditorial&lid=$1&ttitle=$2
RewriteRule ^modifylink-([0-9]+).html modules.php?name=Web_Links&l_op=modifylinkrequest&lid=$1
RewriteRule ^brokenlink-([0-9]+).html modules.php?name=Web_Links&l_op=brokenlink&lid=$1
RewriteRule ^outsidelink-([0-9]+).html modules.php?name=Web_Links&l_op=outsidelinksetup&lid=$1
RewriteRule ^linkop-(MostPopular|TopRated)-([0-9]+)-(num|percent).html modules.php?name=Web_Links&l_op=$1&ratenum=$2&ratetype=$3
RewriteRule ^newlinks-([0-9]+).html modules.php\?name=Web_Links&l_op=NewLinks&newlinkshowdays=$1
RewriteRule ^linksnew-([0-9]+).html modules.php?op=modload&name=Web_Links&file=index&l_op=NewLinksDate&selectdate=$1
RewriteRule ^linkop-(AddLink|MostPopular|NewLinks|RandomLink|TopRated).html modules.php?op=modload&name=Web_Links&file=index&l_op=$1
RewriteRule ^ratelink-([0-9]*)-([[:punct:]/:\-\'(){}.&=_a-zA-Z0-9\ ]*).html modules.php?op=modload&name=Web_Links&file=index&l_op=ratelink&lid=$1&ttitle=$2
RewriteRule ^viewlink-([0-9]*).html modules.php?name=Web_Links&l_op=visit&lid=$1
RewriteRule ^links-([0-9]*)-([a-zA-Z0-9]*).html modules.php?name=Web_Links&file=index&l_op=viewlink&cid=$1&orderby=$2
RewriteRule ^links-([0-9]*)-([0-9]*)-([a-zA-Z0-9]*)-([0-9]*).html modules.php?name=Web_Links&file=index&l_op=viewlink&cid=$1&min=$2&orderby=$3&show=$4
RewriteRule ^link-([0-9]*).html modules.php?name=Web_Links&l_op=viewlink&cid=$1
RewriteRule ^links-search-([a-zA-Z0-9]*)-([0-9]*)-orderby-([a-zA-Z]*)-([0-9]*) modules.php?name=Web_Links&l_op=search&query=$1&min=$2&orderby=$3&show=$4
RewriteRule ^links-search-([a-zA-Z0-9_-]*)-orderby-([a-zA-Z]*).html modules.php?name=Web_Links&l_op=search&query=$1&orderby=$2
RewriteRule ^links-search-([a-zA-Z0-9_-]*).html modules.php?name=Web_Links&l_op=search&query=$1
RewriteRule ^links.html links.html

#Community
RewriteRule ^Community.html modules.php?name=Community

#Rss
RewriteRule ^Rss.html modules.php?name=Rss

#Your Account
RewriteRule ^userinfo-([a-zA-Z0-9_-]*).html modules.php?name=Your_Account&op=userinfo&username=$1
RewriteRule ^account-([a-z_]*).html modules.php?name=Your_Account&op=$1
RewriteRule ^account.html account.html

#My_eGallery
RewriteRule ^showgallery-([0-9]*)-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?name=My_eGallery&file=index&do=showgall&gid=$1&offset=$2&orderby=$3
RewriteRule ^showgallery-([0-9]*)-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?op=modload&name=My_eGallery&file=index&do=showgall&gid=$1&offset=$2&orderby=$3
RewriteRule ^showgallery-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?name=My_eGallery&do=showgall&gid=$1&offset=&orderby=$2
RewriteRule ^showgallery-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?op=modload&name=My_eGallery&do=showgall&gid=$1&offset=&orderby=$2
RewriteRule ^showgallery-([0-9]*).html modules.php?name=My_eGallery&file=index&do=showgall&gid=$1
RewriteRule ^showgallery-([0-9]*).html modules.php?op=modload&name=My_eGallery&file=index&do=showgall&gid=$1
RewriteRule ^showfile-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?name=My_eGallery&file=index&do=showpic&pid=$1&orderby=$2
RewriteRule ^showfile-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?op=modload&name=My_eGallery&file=index&do=showpic&pid=$1&orderby=$2
RewriteRule ^showfile-([0-9]*)-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?name=My_eGallery&file=index&do=showpic&gid=$1&pid=$2&orderby=$3
RewriteRule ^showfile-([0-9]*)-([0-9]*)_(titleA|titleD|dateA|dateD|ratingA|ratingD|hitsA|hitsD).html modules.php?op=modload&name=My_eGallery&file=index&do=showpic&gid=$1&pid=$2&orderby=$3
RewriteRule ^showfile-([0-9]*).html modules.php?name=My_eGallery&file=index&do=showpic&pid=$1
RewriteRule ^showfile-([0-9]*).html modules.php?op=modload&name=My_eGallery&file=index&do=showpic&pid=$1
RewriteRule ^gallery.html modules.php?name=My_eGallery
RewriteRule ^gallery_upload.html modules.php?op=modload&name=My_eGallery&file=index&do=upload
RewriteRule ^gallery_top.html modules.php?op=modload&name=My_eGallery&file=index&do=top

#Flash_Games
RewriteRule ^Flash_Games.html modules.php?name=Flash_Games&func=view&cid=6

#Sitemap
RewriteRule ^sitemap.html modules.php?name=Sitemap

# Redirect domain.com to Only registered users can see links on this board! Get registered or login!
RewriteCond %{HTTP_HOST} ^preflight.us [NC]
RewriteRule ^(.*)$ http://www.preflight.us/HE/$1 [L,R=301]

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files /home/prefligh/public_html/HE/.ftaccess>
deny from all
</Files>

<Files /home/prefligh/public_html/HE/.staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /home/prefligh/public_html/HE/.staccess
</Files>

# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------

# deny most common except .php
<FilesMatch "\.(inc|tpl|h|ihtml|sql|ini|conf|class|bin|spd|theme|module)$">
deny from all
</FilesMatch>

# Disable .htaccess viewing from browser
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>

# Disable access to config.php
<Files ~ "\config.php$">
deny from all
</Files>

<Files site>
ForceType application/x-httpd-php
</Files>
deny from 217.212.224.181
deny from 145.253.2.232
deny from 91.121.198.38
deny from 92.48.112.76
deny from 193.46.236.234
deny from 92.241.168.217


Reading about upgrading right now, It seem to be complicated I am afraid nothing will work after I comit those upgrades...
 
Susann
PostPosted: Fri Aug 08, 2008 2:15 pm Reply with quote

The Santy worm entries I had before in my htaccess are now deleted its old and beneed this Santy Worms attacks are protected by Nuke Sentinel. I also dont have the entries # deny most common except .php etc. anymore these are old entries from Standard Nuke
I believe your .htaccess is okay but Im not an expert.

To try the upgrade process to RavenNuke you should install Xampp.

I upgraded in place from Nuke 6.5 with over 14.000 members took a while but for security reasons its worth to switch over to RavenNuke.
You will always find here good support as long as this site exist.
So its highly recommend to get a better and more secure CMS.


Btw: How about the security of My_eGallery ?
Gallerys are often a security risk.
And your Flash Games can cause high traffic .
 
prekill
PostPosted: Fri Aug 08, 2008 2:30 pm Reply with quote

umm My_eGallery is OK I just love it and I made it custom fit for me as for security I dont really know.

I will disable Flash Games then.

umm as I was reading the upgrade section, I backed up everything but just cant find this:

How Can I Upgrade my Database? - For versions less than 7.6, the individual upgrade scripts can be found within the RavenNuke(tm) distribution here: phpNuke7.6_Docs/upgrades. You will have to execute each in succession starting from your current version up to 7.6.

theres no folder named phpNuke7.6_Docs any idea where it is?

is this telling you something: Only registered users can see links on this board! Get registered or login!
 
Susann
PostPosted: Fri Aug 08, 2008 2:41 pm Reply with quote

Not sure if eGallery is really okay I found a lot of entries like this.:
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login!

I dont have this RavenNuke version currently but check Utilty Files and Patch Level 3.3 docs.
 
prekill
PostPosted: Sat Aug 09, 2008 1:17 am Reply with quote

I really cant find those update files to go from phpnuke 7.0 to 7.6 anyone can help with it?
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©