Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Author Message
griffinsbridge
New Member
New Member



Joined: Mar 12, 2006
Posts: 14
Location: Darkside of the Moon

PostPosted: Thu Jun 01, 2006 7:50 am Reply with quote

Hi
Ive been using your 7.6 distro for a while with no problems until recently.

I have a custom refer a friend module that sends an email to the referred email addy. this email contains the site url with a referral code tagged on the end ie:
[ Only registered users can see links on this board! Get registered or login! ]

when clicked, various sign up forms on the homepage get populated with the referrer. this is so we can automatically give the referring members some points as a thank you.

As I said, up until recently, this was working fine, but now, Im getting a few "blocked abuse" emails a day caused by that GET string.

is there a way i can allow that particular GET string with sentinel?
Also, would it be prudent to first check that the values in that GET string are an actual user name? (Oh, and how would I do that?)

Thank you very much in advance, i look forward to a reply!

*edit*
thought it might help if i showed you one of the "blocked abuse" emails, heres a snippet;

User ID: Anonymous (1)
Reason: Abuse-Referer
String Match: xxxx:
--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Query String: [ Only registered users can see links on this board! Get registered or login! ]
Get String: [ Only registered users can see links on this board! Get registered or login! ]
Post String: [ Only registered users can see links on this board! Get registered or login! ]
Forwarded For: none
Client IP: none
Remote Address: 84.13.71.214
Remote Port: 3679
Request Method: GET

_________________
Danny Stewardson still owes me £4500.
Hope it chokes him 
View user's profile Send private message
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

PostPosted: Thu Jun 01, 2006 11:57 am Reply with quote

Well, you can turn off your NukeSentinel referrer blocker for now. However, the URL you provided looks "odd" to me. Why wouldn't it look more like this if you are using a custom module:
[ Only registered users can see links on this board! Get registered or login! ]

You might also try changing from the word "referer" to something else and see if that works.

_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... 
View user's profile Send private message Visit poster's website
griffinsbridge







PostPosted: Thu Jun 01, 2006 1:36 pm Reply with quote

Ah, thats cos the custom module only sends the URL
The homepage module (custom again) has got some hidden forms in which collect that value. these forms basically make up the "please sign up" images and text.
So, when the image is clicked (its actually an image submit button) it sends the referer value to the usual sign up form.

its all hidden and only works like that if $_GET[referer] !=""
else {
its all just an image n links
}
But yeah, all that considered, maybe the choice of parameter name may well be the cause. It was convenient at the time of creation though.

Ill have a go at that.
If i disable NukeSentinel referrer blocker would that leave mysite.com open to any serious forms of attack? or would sentinel be able to pick up in other areas?
 
montego







PostPosted: Thu Jun 01, 2006 1:51 pm Reply with quote

I do not think it opens you up to attack per se as Raven doesn't even include that to be ON by default in RavenNuke76, but I would check to see if the variable name is tripping it up. I am not convinced that is it just yet. I believe it is looking in the blocker's referrers list. You may want to see if these ones that were blocked were somehow in this list???
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©