Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
hozay
New Member
New Member


Joined: Dec 05, 2004
Posts: 19

PostPosted: Sun Dec 05, 2004 6:33 pm Reply with quote

Hey I installed PHPNUKE 7.0 because 7.5 and 7.6 givin me headaches... So I installed a fresh copy and included NukeSentinal with it. I created a super god admin, then I installed the NSNST.sql using myphpadmin. Now however, when I try to log in as admin using the home page or any other way.. a little box pops up asking for my pass and username.. now what pass and username would that be? I tried both my God admin pass and username and my server pass and username.. I am very confused... plz help me fix this problem Razz I am sure its eazy answer.. but im new to sentinal... I hope it does stop all these hackers Razz Thnx for your time.
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Sun Dec 05, 2004 6:52 pm Reply with quote

2 Things be sure to use chatservs patched series 7.0 2.7 files and the god admin would have to be entered in the login box in the case you created it in. Otherwise if not is your server running php in cgi mode? Then you will have to follow the alternative http auth instructions it looks a little confusing but worth the effort. This feature has prevented a lot of exploits of the admin.

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
hozay
PostPosted: Mon Dec 06, 2004 12:14 am Reply with quote

umm... I am not sure... i do have CGI and Perl and PHP and a lot of other features allowed on my server... I got php nuke 7.0 then patched it with the latest patch and installed it.. it worked fine then i installed ur Sentinal... and 2.1.1 i tink and it didnt let me into admin. Now im confused on how to fix dis... Razz I did try capitals and so forth.. nothing worked... any other ideas?
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Mon Dec 06, 2004 12:35 am Reply with quote

Use phpMyAdmin and look at the table nsnst_config. Find the HTTPAuth setting. If it is a 1 or a 2, change it to 0 (zero). That should allow you to get in to your nuke admin. Once in, go to the Sentinel admin section and update your Sentinel password. Then reactivate HTTPAuth via the control panel.
 
View user's profile Send private message
hozay
PostPosted: Mon Dec 06, 2004 1:34 am Reply with quote

Okay... i checked and i don't know how to edit it using phpmyadmin so i downloaded the whole sql file for nsnst_config.. and it shows that the nsnst_auth is "0" so i don't get why its doing dat then Razz....

Htaccess is 644
staccess is 666

but i dont tink dat matters... blah this is so confusing.. but i need to make sure i have this feature for phpnuke Razz too many hackers out there Razz
 
Raven
PostPosted: Mon Dec 06, 2004 10:19 am Reply with quote

rename your .htaccess and .staccess to see if you can get into your site.
 
hozay
PostPosted: Mon Dec 06, 2004 11:07 am Reply with quote

Ok I renamed both and it worked... but now I see this wierd thing when I click on the sentinel icon...

Code:
<?php

if ($forum_admin == 1) {
  include("../../../includes/sentinel.php");
} elseif ($inside_mod == 1) {
  include("../../includes/sentinel.php");
} else {
  include("includes/sentinel.php");
}


Now do i put that in the mainfile like it says to make sentinel work? or do I do something else?
 
Raven
PostPosted: Mon Dec 06, 2004 12:26 pm Reply with quote

That goes at the top of your mainfile.php after the opening <? tag. make sure you're only using 1 <? tag.
 
hozay
PostPosted: Mon Dec 06, 2004 1:51 pm Reply with quote

Umm.. ok i did that... but now my security code is gone.. i dont see a security code to log into admin... :S I need that security code for security purposes also Razz any ideas as to what could have caused that?

It happend right after i added the

Code:
<?php 

if ($forum_admin == 1) {
  include("../../../includes/sentinel.php");
} elseif ($inside_mod == 1) {
  include("../../includes/sentinel.php");
} else {
  include("includes/sentinel.php");
}


to the top of the mainfile.php

and then after I do that.. what do I do exactly?

By the way.. at the top of the sentinal thing it says 2.1.0 ... Is that supposed to be right? or is it supposed to say 2.1.1 ? Razz
 
Raven
PostPosted: Mon Dec 06, 2004 3:50 pm Reply with quote

If you d/l the 2.1.1 it should say 2.1.1. I thought my d/l was corrected. When you say the security code is gone, do you mean you have a red X? If so, please see Only registered users can see links on this board! Get registered or login!
 
hozay
PostPosted: Tue Dec 07, 2004 12:02 am Reply with quote

well.. this problem occured after i added that line to the mainfile.php

do you have a link in how to install sentinel using a FRESH copy of phpnuke? Step by step so I can ensure i did everything right?

Because what i did was install the fresh copy first, the sql file too.
It is version 7.0 php nuke with the 2.7 patch included. And then I uploaded all the sentinel files as were into the php nuke folder called PHP and then i installed the sql file... after that I ran into the previous error that i couldn't log in... then i fixed that with ur help by renaming the .htaccess and .staccess and then I went to admin panel and saw that code... and then I added that code to the MAINFILE.php and now I see a BIG RED X on the security code... so now... is sentinel supposed to prevent everyone from the site Razz lol or did i do something wrong???

I would really appreciate your help in making a version of PHPNUKE 7+ work with sentinel Razz I had same error with 7.5 ... but i still dont get it...
help is apprecaited Razz

thnx again...
 
hozay
PostPosted: Tue Dec 07, 2004 1:50 am Reply with quote

Okie Dokie...

I fixed the security code problem by checking the config.php and found two extra blank lines at the end! Now that is fixed!

Now back to installing sentinel!

I uploaded the files, sql installed, mainfile.php added the lines and now just one question left...

what do i do with the .htaccess and .staccess?
 
hozay
PostPosted: Tue Dec 07, 2004 2:06 am Reply with quote

Ok now...

I installed sentinel and changed .htaccess + .staccess to CHMOD 666 and renamed em like said...

and now that login box pops up again and asks for password and username

I try the admin pass and username and it wont work and instead takes me to error page...

Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Code:


Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


--------------------------------------------------------------------------------

Apache/1.3.33 Server at Only registered users can see links on this board! Get registered or login! Port 80


any ideas to this problem??
 
Raven
PostPosted: Tue Dec 07, 2004 10:51 am Reply with quote

Did you encrypt your password before placing it in .staccess?
 
hozay
PostPosted: Tue Dec 07, 2004 12:45 pm Reply with quote

Placing what where?

I don't know what to do exactly with the .htaccess and .staccess... can u explain what is needed to be done with these two files?
 
Raven
PostPosted: Tue Dec 07, 2004 2:04 pm Reply with quote

Only registered users can see links on this board! Get registered or login!
 
hozay
PostPosted: Tue Dec 07, 2004 5:13 pm Reply with quote

Hey... I couldnt get into the admin again because of HTTP Auth and then I made it 0 in nsnst_config sql and now i can...

how do i add an admin to the http_auth?

plz help ! Very Happy
 
sixonetonoffun
PostPosted: Tue Dec 07, 2004 5:19 pm Reply with quote

In Nuke-Sentinel scan for new admins after creating the new admin (Through the normal process) set the password for each listed (and for your user).

Wait are you using the alternative method or the http auth method?
 
hozay
PostPosted: Tue Dec 07, 2004 7:03 pm Reply with quote

Ok I think im using HTTP auth... lol i just finished installing the fresh copy and installing sentinel 2.1.1 ... version of nuke 7.5 patched 2.7.

Now I couldnt get into admin because of this gay login box. I got rid of that through NSNST_Config sql table.

Now I would like it to recognize my admin so .. how do i do that .. create an admin for it to recognize so i can log in...

any ideas?
 
GeoffM
New Member
New Member


Joined: May 19, 2004
Posts: 21
Location: Bellingham, WA.

PostPosted: Sun Dec 12, 2004 7:26 pm Reply with quote

How it does not work for me

config table is 0
chmoded to 0666
scan for admins - admin is there Case is used correctly

.htaccess in root no admitance (Using same exact login as Site Admin)
no .htaccess normal admin functions

Sentinel 2.1.1 installed today if I get working then it will go on all my Nuke sites
no other patches or code edits beyond the Readme TXT

gfx=0 (does the gfx option have to be used?)

I should mention this is a 7.5 Site

_________________
Webmaster Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login!

All Sites use PHP-Nuke 7.3 and up

Last edited by GeoffM on Sun Dec 12, 2004 7:55 pm; edited 1 time in total 
View user's profile Send private message Visit poster's website
BellorAnima
New Member
New Member


Joined: Dec 09, 2004
Posts: 12

PostPosted: Sun Dec 12, 2004 7:43 pm Reply with quote

I'm having similar issues, actually. It's almost like the .htaccess isn't even acknowledging the existence of the .staccess file. The files are there, the paths are correct, but it almost seems like the .htaccess file isn't reading the .staccess file.
 
View user's profile Send private message
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

PostPosted: Mon Dec 13, 2004 12:41 pm Reply with quote

I know this is a very doumb question but did you set (in the main NukeSentinel admin page) Auth to CGIAuth?

_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
BellorAnima
PostPosted: Mon Dec 13, 2004 2:38 pm Reply with quote

I tried it multiple ways. First, I tried just making the .htaccess and the .staccess without doing anything in Sentinel, because this doesn't really have anything to do with Sentinel. (After doing some .htaccess research elsewhere.) That's where I seem to run into problems. So I removed the .htaccess and turned on the CGIAuth inside Sentinel. That didn't seem to do anything at all, so I turned on both the .htaccess and the CGIAuth, which gives me the same problem as just using the .htaccess.

I'm wondering at this point if it has anything to do with Sentinel at all. I may be configuring the CGIAuth incorrectly, or may not even be able to use it. It may also be an issue with the server. The .htaccess is doing what it's supposed to do, but it's just not accepting any passwords.

I can't find any clear documentation on CGIAuth, how to set it up or if it will even work with my installation. I've seen a lot of references to HTTP Auth in the forums here, but I don't have any such option in Sentinel, so I've just been kind of assuming that by setting protection to "Off", it defaulted to HTTP.

I guess I'm a little slow, but I just don't get it. After a little more research, I just don't think that my .htaccess issue has anything to do with Sentinel at all... Not sure about the CGIAuth.
 
GeoffM
PostPosted: Tue Dec 14, 2004 12:09 am Reply with quote

BobMarion wrote:
I know this is a very doumb question but did you set (in the main NukeSentinel admin page) Auth to CGIAuth?


Code:
# -------------------------------------------

# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
  deny from all
</Files>

<Files admin.php>
   <Limit GET POST PUT>
      require valid-user
   </Limit>
   AuthName "Restricted by NukeSentinel(tm)"
   AuthType Basic
   AuthUserFile /var/www/html/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------


if you mean this, then yes this is my .htaccess

Like Bellor, I too have tried differant configurations (including a 25th reading of the setup instructions to make sure it was install correctly)
 
Raven
PostPosted: Tue Dec 14, 2004 5:37 am Reply with quote

Have you added your username and encrypted password to the .staccess file?
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©