Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
FuZZyLoGic
Hangin' Around


Joined: Aug 02, 2004
Posts: 36

PostPosted: Wed Aug 04, 2004 9:53 am Reply with quote

Ok i enabled http auth which I used to use np with admin secure (now uninsatlled) but I insalled sentinel RC6 turned on http auth and the auth screen pops up but wont accept my pass!!! then tells me to leave now. wtf?
 
View user's profile Send private message Visit poster's website
FuZZyLoGic
PostPosted: Wed Aug 04, 2004 10:01 am Reply with quote

btw went into phpmyadmin and changed http_auth from a 1 to a 0 now im in again but why wont it accept my pass in http_auth mode?
 
FuZZyLoGic
PostPosted: Wed Aug 04, 2004 11:08 am Reply with quote

k i set up the http passwords and got an email confirming my http_auth pass and uname but they dont work. Where does sentinel store this info, maybe its not getting stored properly?
 
Tao_Man
Involved
Involved


Joined: Jul 15, 2004
Posts: 252
Location: OKC, OK

PostPosted: Wed Aug 04, 2004 4:53 pm Reply with quote

there are 4 tables nuke_nsnst_?????

in nuke_nsnst_authors is where it stores the login info

_________________
------------------------------------------
To strive, to seek, to find, but not to yield!
I don't know Kara-te but I do know cra-zy, and I WILL use it! 
View user's profile Send private message Visit poster's website
MrHahn
New Member
New Member


Joined: Aug 10, 2004
Posts: 13

PostPosted: Tue Aug 10, 2004 9:54 am Reply with quote

I'm also having the same problem as fuzzylogic. I went into phpmyadmin, made my user a God, and turned on "Admin HTTP Auth". When I try to log into the admin panel, I get the popup dialog box asking me for the user and pass for my account as a result of the http auth being turned on. I type in the correct info, but it won't accept it. I've tried numerous times, so I know what I was entering was correct. I ended up having to go back into phpmyadmin and turn http_auth from 1 to 0 as well so I could access my admin panel again. Any idea on what's going on? Btw, I checked the encrypted database entries for user passwords for both the admin account and the HTTP Auth account, and they are identical. Thanks.


Last edited by MrHahn on Tue Aug 10, 2004 10:13 am; edited 1 time in total 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Tue Aug 10, 2004 9:58 am Reply with quote

The usernames are case sensitive in http auth but not in nuke. In other words raven and Raven work in nuke admin panel, but in http auth only the exact way it reads in th auth table will work. Is that perhaps the problem?
 
View user's profile Send private message
MrHahn
PostPosted: Tue Aug 10, 2004 10:00 am Reply with quote

Nope, I type it in the right case. I also just noticed I can't even log into the site anymore.
 
Raven
PostPosted: Tue Aug 10, 2004 10:04 am Reply with quote

Are you using my old hack alert script or some other protection system that may be conflicting with Sentinel? Nothing in Sentinel should interfere with reular logging on though.
 
MrHahn
PostPosted: Tue Aug 10, 2004 10:06 am Reply with quote

I closed the window and opened the site in a new one, and I can log into the site now. No, Sentinel is the only security fix I've installed on the site.

I just tried to activate HTTP Auth and log in again but no luck.
 
Raven
PostPosted: Tue Aug 10, 2004 10:13 am Reply with quote

Try deleting the 4 tables and reinstalling them. I can't think of anything that might be causing this.
 
MrHahn
PostPosted: Tue Aug 10, 2004 10:15 am Reply with quote

Do you mean dropping the 4 nsnst tables and uploading them from the sql file? Will doing so reset all my settings?
 
Raven
PostPosted: Tue Aug 10, 2004 10:20 am Reply with quote

Yes on dropping.

Use nsnst.php.

Yes it will reset your settings.
 
MrHahn
PostPosted: Tue Aug 10, 2004 10:23 am Reply with quote

I noticed in a post I read earlier that there are some stipulations on whether you can use the HTTP Auth setting or not. Something about CGI, but I can't really recall. Could that have anything to do with it?

Once I do what you said, the first thing I want to do is set up the HTTP Auth to make sure nothing else is conflicting with it. Please tell me the exact steps to activate it correctly. Also, is there another way to make users "Gods" without editing db tables?

I would like to comment on how nice the prompt responses are.
 
Raven
PostPosted: Tue Aug 10, 2004 10:32 am Reply with quote

MrHahn wrote:
I noticed in a post I read earlier that there are some stipulations on whether you can use the HTTP Auth setting or not. Something about CGI, but I can't really recall. Could that have anything to do with it?
No. If you're seeing the http auth popup, you are running PHP as an Apache module.
Quote:
Once I do what you said, the first thing I want to do is set up the HTTP Auth to make sure nothing else is conflicting with it.
No, since you are having problems I would set up the other things to get the site protection working.
Quote:
Also, is there another way to make users "Gods" without editing db tables?
There is no other way as that would open up MAJOR security issues.
Quote:
I would like to comment on how nice the prompt responses are.
Thanks. We try to provide that 'down home feeling' Wink
 
MrHahn
PostPosted: Tue Aug 10, 2004 10:42 am Reply with quote

All the blockers are activated again. For the .htaccess, do I have to list the full path (ie. /home/user/etc...) or just the file name, ".htaccess"?

As for the HTTP Auth, I want to be clear on how to activate it properly.
1) Make account a "God" account in phpmyadmin.
2)Turn "Admin HTTP Auth" on with the drop-down menu under the "NukeSentinel™ Administration" section.

Is that correct?
Anything else I need to do?
 
MrHahn
PostPosted: Tue Aug 10, 2004 10:49 am Reply with quote

Also, as for making the account a "God" account, am I corrent in editing the nuke_authors table? In the table, there are the "aid" and "name" columns, both of which have the username in them by default. I then edit the entry under the "name" column next to the user I want to change to "God" without the quotes. Is that correct?
 
Raven
PostPosted: Tue Aug 10, 2004 11:12 am Reply with quote

If these thre options are hyperlinks in your control panel then you are logged in as a God admin.

Protected Admins List
Admin HTTPAuth List
Scan for New Admins

Yes, you select On. At that point, the userid/pass is the same as your nuke admin userid/pass. You can modify that later if you wish. You will then want to protect the admin accounts as that will allow you to run tests on sentinel w/o being banned.

God is in the 'name' column, yes.
 
MrHahn
PostPosted: Tue Aug 10, 2004 11:30 am Reply with quote

I reset the nuke_authors afte rthe mishap. Is that the correct way to make an acount a "God" account? Also, could you please answer the post I made before the one you addressed last?
 
Raven
PostPosted: Tue Aug 10, 2004 11:33 am Reply with quote

I thought I had addressed all the questions in the 2 posts. The .htaccess path shoud just be .htaccess . What else is still unanswered?
 
MrHahn
PostPosted: Tue Aug 10, 2004 11:40 am Reply with quote

The problem is still present. I had to go back into phpmyadmin and turn http_auth from 1 to 0 again. I guess I can just leave it disabled.
 
MrHahn
PostPosted: Tue Aug 10, 2004 11:49 am Reply with quote

I just tried to edit a previous post of mine, and I got a page that said "Method Not Implemented" with the post mixed with symbols below it.


Last edited by MrHahn on Tue Aug 10, 2004 12:03 pm; edited 1 time in total 
MrHahn
PostPosted: Tue Aug 10, 2004 11:53 am Reply with quote

I signed out of both the site and admin panel accounts, closed the browser, opened the site in a new browser window, and I'm able to edit the post now.
 
Raven
PostPosted: Tue Aug 10, 2004 12:30 pm Reply with quote

Have you made all the manual changes required in the README?
 
MrHahn
PostPosted: Tue Aug 10, 2004 12:31 pm Reply with quote

As far as I know. I read the entire thing.
 
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

PostPosted: Tue Aug 10, 2004 1:11 pm Reply with quote

Everyone having problems with HTTPAuth, please do the following:

1) Open a text editor and create a new empty document.
2) Enter the following in that new document:
Code:
<?php

phpinfo();
?>

3) Save this as myphpinfo.php or something like that.
4) Upload it to your server and call it in yoru browser.
5) Look at the Server API. It will be about the 4th line.
6) If this reports anything other then Apache or Apache Handler you can not use HTTPAuth.

Let us know if you have the above issue, if so there is nothing we can do to help except recommend you ask your host to recompile PHP as an Apache module.

If it reports Apache as the server api then we will do what we are able to do to get you up and running with HTTPAuth.

_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©