Nuke Sentinel - newbie question

New Member Joined: Jan 05, 2011 Posts: 5 Location: Denmark

Hi all

I've installed Nuke Sentinal not too long ago, and I was kinda thinking that a standard installation would take care of hacker attacks etc. Well, I havent had any hacker attacks since I installed it - so perhaps it's working? Wink

But when I look in my "banned IP" list, it's empty?

But my main question is this... How do I ban an IP address? I can see the link for it, and a whole lot of options come up - but if I simply want to ban a specific IP address, can I not do this without filling out a bunch of fields? I'm not so sure as to what to chose in the different fields, so if I could simply write the IP addie, and then it's banned - that would be perfect.

I once used Admin Secure as my security system, but that got outdated a while back, which is why i installed the Nuke Sentinel.

Thanks so much in advance for your help Smile

Subject Matter Expert Joined: Feb 23, 2004 Posts: 358

Interested to know what version of Nuke or RN you're using Sentinel with...?

As far as banning an IP direct, almost all of those form fields are optional, besides well, the IP of course... and I believe you have to decide whether to ban the full IP, or portions of the entire block. It's usually best to start with the full IP, then if you see them come back with a different last octet, ban the first 3 octets and leave the 4th 'wildcarded'.

- Keith

Posted: Wed Jan 05, 2011 12:20 pm

Okay - hate to admit my newbie status here *cough* - but where exactly do I see/find out which versions I'm running?

Posted: Wed Jan 05, 2011 1:19 pm

Look in your nuke_config table using phpmyadmin, the field Version_Num has your version number in it. Humm. it really would be a good idea if we reported the version on the top of the Administrative Control Panel wouldn't it? Nuke Sentinel reports its version when you call it up the NS admin screen.

If you call up IP tracking within NS you can ban any of the IP's you see there. Turn the appropriate setting on and it will write those banned IP's to your htaccess file also. Then you can look at the format of banned IP's in the htaccess table and add whatever you want. You basically say:

deny from 12.191.209.236

or whatever IP you want to ban. Be careful editing htaccess, you can make your whole site inaccessible by fouling it up.

Posted: Wed Jan 05, 2011 1:51 pm

I found the phpnuke version - it's 8.1 Wink

And yes, it would indeed be a good idea *s*

It doesn't however say the version number in the NS admin panel? Tried clicking around, but cannot see it anywhere.

I turned IP tracking on in the administration menu, but I can't see any blocked or tracked IPs anywhere?

I'm thinking its a setting that I haven't turned on somewhere? I.e. the "Admin blocker settings" is turned off? But then again, I am a newbie to the whole NS thing, so what do I know? Wink

Posted: Wed Jan 05, 2011 3:16 pm

I will unabashedly advise you, and especially if your site is fairly new and not modded, to ditch that 8.1 in favor of the current RavenNuke available in the download section here (v2.40.01). It is so vastly superior in coding, SECURITY, look, feel, compliance, user-friendliness, features, uh... look, I could run out of posting space here soon... you get the idea.

In terms of security, so many things have been fixed and patched PROPERLY, that Sentinel isn't even an absolute must, although it always helps you sleep a little better every night. With the current form of RavenNuke, Sentinel is essentially there to guard 3rd party and poorly written add-ons and modules, and just stop evil-doers from sniffing around (even though there's nothing really there for them to get into anymore).

And well, you can either use the great Forums at Nuke (oh wait... FB took them down about 6 years ago Wink

), or get friendly, knowledgeable help right here. Very Happy

- Keith

Posted: Wed Jan 05, 2011 4:00 pm

Oh if you only knew how many times I've been wanting to throw my phpnuke out the windows Wink

- but the thing is, the site is over 6 years old and has almost 9000 registered users with about 1500 unique visits per day. So don't wanna mess things up, and lose it all. Especially since I'm still the newbie that I am.

I have managed to restore the whole site after my last hacker attack though - and that's when i upgraded to 8.1 plus installed NS.

"Unfortunately" its free for my users to use the site, so I got no income on it, so can't even pay a developer to make it all neater for me. So will live with the junk I got - sorta after the thinking "if it ain't broken..." Wink

Posted: Wed Jan 05, 2011 6:02 pm

dudess wrote:

Oh if you only knew how many times I've been wanting to throw my phpnuke out the windows Wink

<snipped>

I have managed to restore the whole site after my last hacker attack though <snipped>

I got no income on it, so can't even pay a developer to make it all neater for me. So will live with the junk I got - sorta after the thinking "if it ain't broken..." Wink

Unfortunately the chances are it WILL get hacked again and next time they might the database for you in the process.

It's New Years so contact me via Private Message and I'll convert your site for you - free of course (provided it isnt a warez or porn site)!

Posted: Thu Jan 06, 2011 1:37 am

Guardian2003 wrote:

It's New Years so contact me via Private Message and I'll convert your site for you - free of course (provided it isnt a warez or porn site)!

Wow are you serious? What an amazing offer! Thank you so much - pm on the way Very Happy

And no, not a porn site or warez hehe. Its a help site and a forum for single parents Wink