Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.6.x
Author Message
j4rdin
Worker
Worker


Joined: May 26, 2006
Posts: 153
Location: West Sussex - UK

PostPosted: Sun Sep 07, 2008 11:16 am Reply with quote

I have just updated my RavenNuke 2.20.01 websites and have had some problems (I was going to wait untill v2.30 was released but one of the users was getting banned for no reason and I couldn't find the IP in any table or .htaccess files).

First a number of the modules didn't install properly and left black screens, most of these have now been sorted I think after resorting to the full install (not upgrade). The IP2Country updates don't seem to have worked properly from the installer, as before you had feedback that something was happening, nothing this time and a lot of unknown countries now in the database.

I have also had to turn of the string blocker as each time I turn it on and try to change content on the website I get the following message (The IP address doesn't get written to database of .htaccess file).

-------------------------------------------------------------------

You have been blocked from entering this site.

You have attempted a String attack on this site.

All of the following information has been gathered to assist the webmaster should this need to be reported to local or federal law enforcement.

If you think this is a mistake you can contact the site webmaster at admin(at)*****(dot)**(dot)**.

Be SURE to include the following information in any email!
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 (.NET CLR 3.5.30729)
Query String:
GET String:
POST String: title=Clubs ((edited) removed html page text from this message)
Remote Address: 87.115.*.* (edited)
Client IP: none
Forwarded For: none
Date Blocked: 2008-09-07 @ 17:56:32 BST GMT +0100
Block expires: Unknown
PLEASE: bear in mind that even if you have done nothing wrong, you may be getting this page due to someone's misuse of the site in your ip range

---------------------------------------------------------------------------

Any pointers?

John


Last edited by j4rdin on Tue Sep 09, 2008 2:09 pm; edited 1 time in total 
View user's profile Send private message Visit poster's website
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Sep 07, 2008 4:53 pm Reply with quote

Probably the string blocker is the same as being blocked on this site. We really need to see the POST String that you editted out. Just put it as a .txt file and link us to it so we can few the entire message

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
j4rdin
PostPosted: Mon Sep 08, 2008 3:08 pm Reply with quote

evaders99 wrote:
Probably the string blocker is the same as being blocked on this site. We really need to see the POST String that you editted out. Just put it as a .txt file and link us to it so we can few the entire message


Have just sent the POST string as a PM to you.

John
 
j4rdin
PostPosted: Mon Sep 08, 2008 3:17 pm Reply with quote

No sure if this is related but I also have someone getting the following error message, but only from work on IE. Have asked them to do the usual cookie and browser cashe clear and restart. No change and again there is no sign of the IP addresses in the database or .htaccess file.

You have been blocked from entering this site.

You have attempted to improperly access the admin area of this site.

All of the following information has been gathered to assist the webmaster should this need to be reported to local or federal law enforcement.

If you think this is a mistake you can contact the site webmaster at admin(at)zenjudo(dot)co(dot)uk.

Be SURE to include the following information in any email!
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.04506.648)
Remote Address: 81.145.*.*
Client IP: none
Forwarded For: 10.226.*.*
Date Blocked: __TIMEDATE__
Block expires: __DATEEXPIRES__



John
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Mon Sep 08, 2008 3:58 pm Reply with quote

j4rdin - if he is trying to access the admin area and gets this message then the IP would not appear in the database or htaccess
Is your NS and IP2C information up to date?
 
View user's profile Send private message Send e-mail
evaders99
PostPosted: Mon Sep 08, 2008 7:34 pm Reply with quote

I can't seem to get any blocked pages with what you sent me. Or are those "ody2" classes supposed to represent "body2"

Basically anything that can't be posted here because of NukeSentinel could be the same issue. So a .txt file with exactly what it outputted is better.
 
j4rdin
PostPosted: Tue Sep 09, 2008 10:17 am Reply with quote

Guardian2003 wrote:
j4rdin - if he is trying to access the admin area and gets this message then the IP would not appear in the database or htaccess
Is your NS and IP2C information up to date?



Using latest RN and NS v2.6.01 and IP2Country_2008-09-0. But not entirely sure that the IP2Country files have uploaded correctly. The problems don't seem to occur on my other site which I upgraded after this one. Have just upgraded Beyond Compare to v3 and will try running it to see what the differences are between the two sites.
 
j4rdin
PostPosted: Tue Sep 09, 2008 11:43 am Reply with quote

evaders99 wrote:
I can't seem to get any blocked pages with what you sent me. Or are those "ody2" classes supposed to represent "body2"

Basically anything that can't be posted here because of NukeSentinel could be the same issue. So a .txt file with exactly what it outputted is better.



Yes the "ody2" classes seem to be a hang over from the original page which was linked to a style sheet and should have been "body2". Both of these pages had been put together in Dreamweaver for a straight html website and have then been included when the site was brought over to RavenNuke.

I have just checked the original page that generated the errors and it doesn't include any classes or links to that style sheet. I have included the full text in this post and checked it will PREVIEW ok, have now sent the complete POST text to you as PM.


NukeSentinel(tm)
You have been blocked from entering this site.

You have attempted a String attack on this site.

All of the following information has been gathered to assist the webmaster should this need to be reported to local or federal law enforcement.

If you think this is a mistake you can contact the site webmaster at admin(at)zenjudo(dot)co(dot)uk.

Be SURE to include the following information in any email!
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 (.NET CLR 3.5.30729)
Query String:
GET String:
POST String: title=Zen Judo Clubs Page&cid=7&subtitle=&page_header=<hr width=\"100%\" size=\"2\" /> <h4>&nbsp;</h4> <h4>This Clubs list contains information and contact details for clubs with links to the Zen Judo Family or British Zen Judo Family Association.</h4> <hr width=\"100%\" size=\"2\" />&text=<table width=\"598\" cellspacing=\"0\" cellpadding=\"4\"> <!--DWLayoutTable--> <tbody> <tr> <td width=\"588\">&nbsp;</td> </tr>

(EDITED BY SENDER - HAVE PM FULL TEXT TO YOU)

<hr /> </td> </tr> </tbody> </table>&page_footer=&signature=&clanguage=english&active=1&pid=3&op=content_save_edit
Remote Address: 87.112.*.*
Client IP: none
Forwarded For: none
Date Blocked: 2008-09-09 @ 18:28:17 BST GMT +0100
Block expires: Unknown
PLEASE: bear in mind that even if you have done nothing wrong, you may be getting this page due to someone's misuse of the site in your ip range
NukeSentinel(tm) 2.6.01 by: NukeScripts.net


--------------------------------------------------------------------
EDITED BY j4rdin -----------------------------------------------
---------------------------------------------------------------------
Have just found these orphan files in my Nuke folder, which don't seem to be in the full NukeSentinel package, should they now be deleted from the website and could they be causing some of the problems:-

admin/modules/nukesentinel/ABAuthListScan.php
admin/modules/nukesentinel/ABBlockedIP.php
admin/modules/nukesentinel/ABBlockedOverlapCheck.php
admin/modules/nukesentinel/ABBlockedRange.php
admin/modules/nukesentinel/ABDBDownload.php
admin/modules/nukesentinel/ABDBDownloadDelete.php
admin/modules/nukesentinel/ABDBDownloadGet.php
admin/modules/nukesentinel/ABDBMaintence.php
admin/modules/nukesentinel/ABImport.php
admin/modules/nukesentinel/ABImportBlockedRange.php
admin/modules/nukesentinel/ABImportIP2Country.php
admin/modules/nukesentinel/ABIP2Country.php
admin/modules/nukesentinel/ABPrintBlockedIP.php
admin/modules/nukesentinel/ABPrintBlockedIPView.php
admin/modules/nukesentinel/ABPrintBlockedRange.php
admin/modules/nukesentinel/ABPrintBlockedRangeView.php
admin/modules/nukesentinel/ABPrintExcludedList.php
admin/modules/nukesentinel/ABPrintExcludedView.php
admin/modules/nukesentinel/ABPrintProtectedList.php
admin/modules/nukesentinel/ABPrintProtectedView.php
admin/modules/nukesentinel/ABPrintTracked.php
admin/modules/nukesentinel/ABPrintTrackedAgents.php
admin/modules/nukesentinel/ABPrintTrackedAgentsPages.php
admin/modules/nukesentinel/ABPrintTrackedPages.php
admin/modules/nukesentinel/ABPrintTrackedRefers.php
admin/modules/nukesentinel/ABPrintTrackedRefersPages.php
admin/modules/nukesentinel/ABPrintTrackedUsers.php
admin/modules/nukesentinel/ABPrintTrackedUsersPages.php
admin/modules/nukesentinel/ABSearchResults.php
admin/modules/nukesentinel/ABTracked.php
admin/modules/nukesentinel/ABTrackedAgents.php
admin/modules/nukesentinel/ABTrackedDeleteUser.php
admin/modules/nukesentinel/ABTrackedDeleteUserIP.php
admin/modules/nukesentinel/ABTrackedRefers.php
admin/modules/nukesentinel/ABTrackedUsers.php
 
j4rdin
PostPosted: Tue Sep 09, 2008 4:35 pm Reply with quote

Ok have deleted the files above and un-installed and re-installed NukeSentinel and the IP2Country files and the string blocker seems to be working on both sites now.

The IP2Country installer on the full Nuke version doesn't seem to work properly as it gives no feedback when each file has been loaded, so just worked through each one in turn.

I still seem to have blank screens returned when trying to use the "Clear Expired Blocked IP's" and "Clear Expired Blocked Ranges" menu's, but can't find what is missing from the download v website. I assume that the download might be corrupted in some way, as this will be the third time of un-installing and installing Nuke.


Last edited by j4rdin on Wed Sep 10, 2008 6:22 am; edited 1 time in total 
evaders99
PostPosted: Tue Sep 09, 2008 7:37 pm Reply with quote

With Javascript on, the Import IP2Country will cycle through each one until it finishes at the end. Let it go Smile
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.6.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©