Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
dudess
New Member
New Member


Joined: Jan 05, 2011
Posts: 5
Location: Denmark

PostPosted: Wed Jan 05, 2011 4:21 am Reply with quote

Hi all Smile

I've installed Nuke Sentinal not too long ago, and I was kinda thinking that a standard installation would take care of hacker attacks etc. Well, I havent had any hacker attacks since I installed it - so perhaps it's working? Wink

But when I look in my "banned IP" list, it's empty?

But my main question is this... How do I ban an IP address? I can see the link for it, and a whole lot of options come up - but if I simply want to ban a specific IP address, can I not do this without filling out a bunch of fields? I'm not so sure as to what to chose in the different fields, so if I could simply write the IP addie, and then it's banned - that would be perfect.

I once used Admin Secure as my security system, but that got outdated a while back, which is why i installed the Nuke Sentinel.

Thanks so much in advance for your help Smile
 
View user's profile Send private message
PHrEEkie
Subject Matter Expert


Joined: Feb 23, 2004
Posts: 358

PostPosted: Wed Jan 05, 2011 6:45 am Reply with quote

Interested to know what version of Nuke or RN you're using Sentinel with...?

As far as banning an IP direct, almost all of those form fields are optional, besides well, the IP of course... and I believe you have to decide whether to ban the full IP, or portions of the entire block. It's usually best to start with the full IP, then if you see them come back with a different last octet, ban the first 3 octets and leave the 4th 'wildcarded'.

- Keith

_________________
PHP - Breaking your legacy scripts one build at a time. 
View user's profile Send private message
dudess
PostPosted: Wed Jan 05, 2011 12:20 pm Reply with quote

Okay - hate to admit my newbie status here *cough* - but where exactly do I see/find out which versions I'm running?
 
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Wed Jan 05, 2011 1:19 pm Reply with quote

Look in your nuke_config table using phpmyadmin, the field Version_Num has your version number in it. Humm. it really would be a good idea if we reported the version on the top of the Administrative Control Panel wouldn't it? Nuke Sentinel reports its version when you call it up the NS admin screen.

If you call up IP tracking within NS you can ban any of the IP's you see there. Turn the appropriate setting on and it will write those banned IP's to your htaccess file also. Then you can look at the format of banned IP's in the htaccess table and add whatever you want. You basically say:

deny from 12.191.209.236

or whatever IP you want to ban. Be careful editing htaccess, you can make your whole site inaccessible by fouling it up.
 
View user's profile Send private message Visit poster's website
dudess
PostPosted: Wed Jan 05, 2011 1:51 pm Reply with quote

I found the phpnuke version - it's 8.1 Wink And yes, it would indeed be a good idea *s*

It doesn't however say the version number in the NS admin panel? Tried clicking around, but cannot see it anywhere.

I turned IP tracking on in the administration menu, but I can't see any blocked or tracked IPs anywhere?

I'm thinking its a setting that I haven't turned on somewhere? I.e. the "Admin blocker settings" is turned off? But then again, I am a newbie to the whole NS thing, so what do I know? Wink
 
PHrEEkie
PostPosted: Wed Jan 05, 2011 3:16 pm Reply with quote

I will unabashedly advise you, and especially if your site is fairly new and not modded, to ditch that 8.1 in favor of the current RavenNuke available in the download section here (v2.40.01). It is so vastly superior in coding, SECURITY, look, feel, compliance, user-friendliness, features, uh... look, I could run out of posting space here soon... you get the idea.

In terms of security, so many things have been fixed and patched PROPERLY, that Sentinel isn't even an absolute must, although it always helps you sleep a little better every night. With the current form of RavenNuke, Sentinel is essentially there to guard 3rd party and poorly written add-ons and modules, and just stop evil-doers from sniffing around (even though there's nothing really there for them to get into anymore).

And well, you can either use the great Forums at Nuke (oh wait... FB took them down about 6 years ago Wink ), or get friendly, knowledgeable help right here. Very Happy

- Keith
 
dudess
PostPosted: Wed Jan 05, 2011 4:00 pm Reply with quote

Oh if you only knew how many times I've been wanting to throw my phpnuke out the windows Wink - but the thing is, the site is over 6 years old and has almost 9000 registered users with about 1500 unique visits per day. So don't wanna mess things up, and lose it all. Especially since I'm still the newbie that I am.

I have managed to restore the whole site after my last hacker attack though - and that's when i upgraded to 8.1 plus installed NS.

"Unfortunately" its free for my users to use the site, so I got no income on it, so can't even pay a developer to make it all neater for me. So will live with the junk I got - sorta after the thinking "if it ain't broken..." Wink
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Wed Jan 05, 2011 6:02 pm Reply with quote

dudess wrote:
Oh if you only knew how many times I've been wanting to throw my phpnuke out the windows Wink <snipped>

I have managed to restore the whole site after my last hacker attack though <snipped>

I got no income on it, so can't even pay a developer to make it all neater for me. So will live with the junk I got - sorta after the thinking "if it ain't broken..." Wink

Unfortunately the chances are it WILL get hacked again and next time they might the database for you in the process.

It's New Years so contact me via Private Message and I'll convert your site for you - free of course (provided it isnt a warez or porn site)!
 
View user's profile Send private message Send e-mail
dudess
PostPosted: Thu Jan 06, 2011 1:37 am Reply with quote

Guardian2003 wrote:
It's New Years so contact me via Private Message and I'll convert your site for you - free of course (provided it isnt a warez or porn site)!

Wow are you serious? What an amazing offer! Thank you so much - pm on the way Very Happy

And no, not a porn site or warez hehe. Its a help site and a forum for single parents Wink
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©