Admin Login Problems...

New Member Joined: Dec 05, 2004 Posts: 19

Hey I installed PHPNUKE 7.0 because 7.5 and 7.6 givin me headaches... So I installed a fresh copy and included NukeSentinal with it. I created a super god admin, then I installed the NSNST.sql using myphpadmin. Now however, when I try to log in as admin using the home page or any other way.. a little box pops up asking for my pass and username.. now what pass and username would that be? I tried both my God admin pass and username and my server pass and username.. I am very confused... plz help me fix this problem Razz

I am sure its eazy answer.. but im new to sentinal... I hope it does stop all these hackers Razz

Thnx for your time.
[ Only registered users can see links on this board! Get registered or login! ]
[ Only registered users can see links on this board! Get registered or login! ]

Posted: Sun Dec 05, 2004 6:52 pm

2 Things be sure to use chatservs patched series 7.0 2.7 files and the god admin would have to be entered in the login box in the case you created it in. Otherwise if not is your server running php in cgi mode? Then you will have to follow the alternative http auth instructions it looks a little confusing but worth the effort. This feature has prevented a lot of exploits of the admin.

Posted: Mon Dec 06, 2004 12:14 am

umm... I am not sure... i do have CGI and Perl and PHP and a lot of other features allowed on my server... I got php nuke 7.0 then patched it with the latest patch and installed it.. it worked fine then i installed ur Sentinal... and 2.1.1 i tink and it didnt let me into admin. Now im confused on how to fix dis... Razz

I did try capitals and so forth.. nothing worked... any other ideas?

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Use phpMyAdmin and look at the table nsnst_config. Find the HTTPAuth setting. If it is a 1 or a 2, change it to 0 (zero). That should allow you to get in to your nuke admin. Once in, go to the Sentinel admin section and update your Sentinel password. Then reactivate HTTPAuth via the control panel.

Posted: Mon Dec 06, 2004 1:34 am

Okay... i checked and i don't know how to edit it using phpmyadmin so i downloaded the whole sql file for nsnst_config.. and it shows that the nsnst_auth is "0" so i don't get why its doing dat then Razz

....

Htaccess is 644
staccess is 666

but i dont tink dat matters... blah this is so confusing.. but i need to make sure i have this feature for phpnuke Razz

too many hackers out there Razz

Posted: Mon Dec 06, 2004 10:19 am

rename your .htaccess and .staccess to see if you can get into your site.

Posted: Mon Dec 06, 2004 11:07 am

Ok I renamed both and it worked... but now I see this wierd thing when I click on the sentinel icon...

Code:

<?php


if ($forum_admin == 1) {


  include("../../../includes/sentinel.php");


} elseif ($inside_mod == 1) {


  include("../../includes/sentinel.php");


} else {


  include("includes/sentinel.php");


}

Now do i put that in the mainfile like it says to make sentinel work? or do I do something else?

Posted: Mon Dec 06, 2004 12:26 pm

That goes at the top of your mainfile.php after the opening <? tag. make sure you're only using 1 <? tag.

Posted: Mon Dec 06, 2004 1:51 pm

Umm.. ok i did that... but now my security code is gone.. i dont see a security code to log into admin... :S I need that security code for security purposes also Razz

any ideas as to what could have caused that?

It happend right after i added the

Code:

<?php 


if ($forum_admin == 1) { 


  include("../../../includes/sentinel.php"); 


} elseif ($inside_mod == 1) { 


  include("../../includes/sentinel.php"); 


} else { 


  include("includes/sentinel.php"); 


}

to the top of the mainfile.php

and then after I do that.. what do I do exactly?

By the way.. at the top of the sentinal thing it says 2.1.0 ... Is that supposed to be right? or is it supposed to say 2.1.1 ? Razz

Posted: Mon Dec 06, 2004 3:50 pm

If you d/l the 2.1.1 it should say 2.1.1. I thought my d/l was corrected. When you say the security code is gone, do you mean you have a red X? If so, please see [ Only registered users can see links on this board! Get registered or login! ]

Posted: Tue Dec 07, 2004 12:02 am

well.. this problem occured after i added that line to the mainfile.php

do you have a link in how to install sentinel using a FRESH copy of phpnuke? Step by step so I can ensure i did everything right?

Because what i did was install the fresh copy first, the sql file too.
It is version 7.0 php nuke with the 2.7 patch included. And then I uploaded all the sentinel files as were into the php nuke folder called PHP and then i installed the sql file... after that I ran into the previous error that i couldn't log in... then i fixed that with ur help by renaming the .htaccess and .staccess and then I went to admin panel and saw that code... and then I added that code to the MAINFILE.php and now I see a BIG RED X on the security code... so now... is sentinel supposed to prevent everyone from the site Razz

lol or did i do something wrong???

I would really appreciate your help in making a version of PHPNUKE 7+ work with sentinel Razz

I had same error with 7.5 ... but i still dont get it...
help is apprecaited Razz

thnx again...

Posted: Tue Dec 07, 2004 1:50 am

Okie Dokie...

I fixed the security code problem by checking the config.php and found two extra blank lines at the end! Now that is fixed!

Now back to installing sentinel!

I uploaded the files, sql installed, mainfile.php added the lines and now just one question left...

what do i do with the .htaccess and .staccess?

Posted: Tue Dec 07, 2004 2:06 am

Ok now...

I installed sentinel and changed .htaccess + .staccess to CHMOD 666 and renamed em like said...

and now that login box pops up again and asks for password and username

I try the admin pass and username and it wont work and instead takes me to error page...

Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

Code:




Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. 








--------------------------------------------------------------------------------





Apache/1.3.33 Server at [ Only registered users can see links on this board! Get registered or login! ] Port 80

any ideas to this problem??

Posted: Tue Dec 07, 2004 10:51 am

Did you encrypt your password before placing it in .staccess?

Posted: Tue Dec 07, 2004 12:45 pm

Placing what where?

I don't know what to do exactly with the .htaccess and .staccess... can u explain what is needed to be done with these two files?

Posted: Tue Dec 07, 2004 2:04 pm

[ Only registered users can see links on this board! Get registered or login! ]

Posted: Tue Dec 07, 2004 5:13 pm

Hey... I couldnt get into the admin again because of HTTP Auth and then I made it 0 in nsnst_config sql and now i can...

how do i add an admin to the http_auth?

plz help ! Very Happy

Posted: Tue Dec 07, 2004 5:19 pm

In Nuke-Sentinel scan for new admins after creating the new admin (Through the normal process) set the password for each listed (and for your user).

Wait are you using the alternative method or the http auth method?

Posted: Tue Dec 07, 2004 7:03 pm

Ok I think im using HTTP auth... lol i just finished installing the fresh copy and installing sentinel 2.1.1 ... version of nuke 7.5 patched 2.7.

Now I couldnt get into admin because of this gay login box. I got rid of that through NSNST_Config sql table.

Now I would like it to recognize my admin so .. how do i do that .. create an admin for it to recognize so i can log in...

any ideas?

registered · Posted: Sun Dec 12, 2004 7:26 pm

How it does not work for me

config table is 0
chmoded to 0666
scan for admins - admin is there Case is used correctly

.htaccess in root no admitance (Using same exact login as Site Admin)
no .htaccess normal admin functions

Sentinel 2.1.1 installed today if I get working then it will go on all my Nuke sites
no other patches or code edits beyond the Readme TXT

gfx=0 (does the gfx option have to be used?)

I should mention this is a 7.5 Site

New Member Joined: Dec 09, 2004 Posts: 12

I'm having similar issues, actually. It's almost like the .htaccess isn't even acknowledging the existence of the .staccess file. The files are there, the paths are correct, but it almost seems like the .htaccess file isn't reading the .staccess file.

Posted: Mon Dec 13, 2004 12:41 pm

I know this is a very doumb question but did you set (in the main NukeSentinel admin page) Auth to CGIAuth?

Posted: Mon Dec 13, 2004 2:38 pm

I tried it multiple ways. First, I tried just making the .htaccess and the .staccess without doing anything in Sentinel, because this doesn't really have anything to do with Sentinel. (After doing some .htaccess research elsewhere.) That's where I seem to run into problems. So I removed the .htaccess and turned on the CGIAuth inside Sentinel. That didn't seem to do anything at all, so I turned on both the .htaccess and the CGIAuth, which gives me the same problem as just using the .htaccess.

I'm wondering at this point if it has anything to do with Sentinel at all. I may be configuring the CGIAuth incorrectly, or may not even be able to use it. It may also be an issue with the server. The .htaccess is doing what it's supposed to do, but it's just not accepting any passwords.

I can't find any clear documentation on CGIAuth, how to set it up or if it will even work with my installation. I've seen a lot of references to HTTP Auth in the forums here, but I don't have any such option in Sentinel, so I've just been kind of assuming that by setting protection to "Off", it defaulted to HTTP.

I guess I'm a little slow, but I just don't get it. After a little more research, I just don't think that my .htaccess issue has anything to do with Sentinel at all... Not sure about the CGIAuth.

Posted: Tue Dec 14, 2004 12:09 am

BobMarion wrote:

I know this is a very doumb question but did you set (in the main NukeSentinel admin page) Auth to CGIAuth?

Code:

# -------------------------------------------


# Start of NukeSentinel(tm) admin.php Auth


# -------------------------------------------


<Files .staccess>


  deny from all


</Files>





<Files admin.php>


   <Limit GET POST PUT>


      require valid-user


   </Limit>


   AuthName "Restricted by NukeSentinel(tm)"


   AuthType Basic


   AuthUserFile /var/www/html/.staccess


</Files>


# -------------------------------------------


# End of NukeSentinel(tm) admin.php Auth


# -------------------------------------------

if you mean this, then yes this is my .htaccess

Like Bellor, I too have tried differant configurations (including a 25th reading of the setup instructions to make sure it was install correctly)

Posted: Tue Dec 14, 2004 5:37 am

Have you added your username and encrypted password to the .staccess file?