Mobile Phone access

New Member Joined: Mar 27, 2009 Posts: 6

Hi I am having a great deal of trouble accessing my site using my mobile phone.
When I try I get "Your Attention Please! You have attempted to access this site with an invalid User Agent."
Then it says
Be sure to include the following information in any email.
User Agent: none
Remote Access: 212.183.134.209
Client IP:none
Forwarded for:none"

I have no idea where to start resolving this issue.

The strange thing is I am using a Samsung F480V on the Vodafone network in the UK. Others with the same phone, network can access it fine.

Confused

Any help would be appreciated

Posted: Fri Mar 27, 2009 7:00 pm

Suggest you disable the NukeSentinel Harvester blocker or find the correct User Agent line that is blocked and remove it

Posted: Sat Mar 28, 2009 4:12 am

Thanks for your reply.
I tried disabling the Harvestter Blocker but it made no difference. I this disabled each in the list one at a time. Still no difference. I then disabled NukeSentinel and I could get in.
So Im stuck

Posted: Sat Mar 28, 2009 4:18 am

Does NukeSentinel show your mobile IP as blocked? if so, remove it from the blocked list and try it again.

Posted: Sat Mar 28, 2009 10:16 am

No it doesnt. And its not in any blocked ranges

Thanks

Posted: Sat Mar 28, 2009 3:09 pm

What mobile browser are you using? Any different from what others are using that can access it?

Could we protect the ip your phone uses from sentinel (if we know it)?

Posted: Sat Mar 28, 2009 5:33 pm

I am using a Samsung F480V. I have no idea what the browser is. Strangely other F480Vs work perfectly well. I seem to have a dynamic IP address on it so presumably so does everyone else on the vodafone network. The guys at Vodafone have tried it and they have no problem either. It seems MY phone is disliked by NukeSentinel (or am I getting paranoid Wink

)

I did try protecting the IP that I was using and then refreshing (Like i did when I disabled NukeSentinel) but that didn't work either Sad

Thanks

Posted: Sun Mar 29, 2009 8:47 am

Sounds like there is some program on your phone that is masking your user agent. It is showing as "none", so I suspect that is why it is throwing this message. I know that there are PC based anonymizers which do this. Is there an equivalent running on your phone?

Posted: Sun Mar 29, 2009 12:34 pm

No nothing like that. This is a new phone. I have not added any software to it yet.

Is there a way to set NukeSentinel to accept none in the User Agent?

Thanks

Posted: Tue Mar 31, 2009 6:40 am

Although I do not advocate this change as the issue is with your phone or provider and not NukeSentinel, but it is up to you. You can comment out the following code within includes/nukesentinel.php and probably get rid of that problem for you (but essentially get no "invalid user agent" checking any longer... period.):

Code:




// Invalid user agent


if(($nsnst_const['user_agent']=="none" AND !stristr($_SERVER['PHP_SELF'], "backend.php") AND ($nsnst_const['remote_ip'] != $nsnst_const['server_ip'])) || $nsnst_const['user_agent']=="-") {


  echo abget_template("abuse_invalid2.tpl");


  die();


}

Posted: Tue Mar 31, 2009 3:27 pm

That sounds like the thing I was looking for. Before I do it though it sounds like there are some risks involved with this method. Could you tell me what the problim is and what the likely effect of doing this would be.

Many Thanks

Welshmark

Posted: Thu Apr 02, 2009 6:41 am

The problem is that something is blanking out your User Agent on either the phone end or somehow with the provider. That is the bottom line.

The likely effect of the above change is that you will no longer have this check done any longer, so basically any user agent at all can access your site, including one without. This check helps to reduce the number of automated programs checking your site for exploits. However, how much is that worth these days? I would suspect that most hackers/spammers have wised up by now and are providing valid (faked) user agents, so just how much is it stopping? Not sure.

Although I haven't checked out all the related code, I suspect that this will not stop the Harvestor Blocker's functionality, so you may not lose that.

Posted: Fri Apr 17, 2009 5:51 pm

I have a question along these lines. This is the user agent:

Quote:

Mozilla/3.0 (compatible; WebCapture 2.0; Auto; Windows)

Is Mozilla/3.0 really a known harvester? I would assume it has to be correct but, is there any chance of users running under this agent?

Same goes for WebCap, botsvsbrowsers.com says it is not a bot, sentinel says it is. Tested the agent and sure enough sentinel is blocking IPs under that agent.

Reason I ask is I get hits like this one that look valid:

Quote:

User Agent: Mozilla/3.0 (compatible; WebCapture 2.0; Auto; Windows)
Query String: name=Forums
Get String: name=Forums
Post String: Not Available

But dont want to allow all harvesters, for example some are libwww-perl... Any suggestions?

Posted: Fri Apr 17, 2009 6:07 pm

I had had similar experience.
In my memory, I changed my mobile and it worked.
I guess the firm ware on your mobile should be upgraded or changed.

I couldn't figure out my similar problem but it works now.

Posted: Sat Apr 18, 2009 8:25 am

if you end up disabling user agent checking in nukesentinel, you could add some blocking in htaccess to regain some protection. This is not a current list so you might want to reseach, but heres the basic idea:

Code:

RewriteEngine on


RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 


RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 


RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 


RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 


RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 


RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] 


RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] 


RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 


RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 


RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 


RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 


RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 


RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 


RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 


RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] 


RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] 


RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] 


RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 


RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] 


RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] 


RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] 


RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 


RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 


RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 


RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] 


RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] 


RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] 


RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] 


RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 


RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 


RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 


RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 


RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 


RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 


RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 


RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] 


RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 


RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] 


RewriteCond %{HTTP_USER_AGENT} ^Zeus 


RewriteRule ^.* - [F,L]

Posted: Sat Apr 18, 2009 1:53 pm

For now I have the harvester blocker set to 1 day instead of permanent, and disabled it saving to htaccess. I've been trying to watch close enough and it seems 99% of the agents/IPs that are blocked are one time visits, so it might not be much of an issue, still curious though.

spasticdonkey, If I were to go that route, would that mean using the above by montego? Or would I remove all the harvesters, or just disable the harvesters blocker?

What does the last line do,

Quote:

RewriteRule ^.* - [F,L]

Posted: Sat Apr 18, 2009 8:18 pm

adding that to your htaccess will block those user agents before they even get to sentinel. so you can use it either way, but i think it's a good idea if you use montego's edit.

and the last line blocks access for the above agents Smile

this is a good site with examples of things you can do with htaccess [ Only registered users can see links on this board! Get registered or login! ]