| Author |
Message |
toyotaTRD
Hangin' Around
Joined: Feb 08, 2005
Posts: 35
Location: Greece
|
 Posted:
Fri Feb 18, 2005 4:11 am |
|
Hi all ! i'm a newb here and i have one question. i've got nuke 7.4 and i downloades sentinel 2.1.3 UNI. i've uploaded all files and the only thing that remains is the .htaccess. how i upload it ? i just have to upload it to my root or have i to copy the sample .htaccess to my .htaccess ? sorry if i'm confusing but since last week we had a serious problem with albanian hackers here in greece |
| |
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Fri Feb 18, 2005 6:01 am |
|
If you already have a .htaccess and you are NOT using CGIAuth, then you don't need to do anything except change your permission on your .htaccess to 666. |
| |
|
|
|
|
toyotaTRD
|
| Posted:
Fri Feb 18, 2005 9:41 am |
|
definately i'm not using CGIAuth. so i'm uploding the sample.htaccess after having it renamed to .htaccess and chmod 666. thanks alot for helping! you're great!
oh, how should i now that my .htaccess has at least an empty line at the end of it ? |
| |
|
|
|
|
Raven
|
| Posted:
Fri Feb 18, 2005 9:49 am |
|
When you look at it in your file editor you will see a blank line as the last line. |
| |
|
|
|
|
toyotaTRD
|
| Posted:
Fri Feb 18, 2005 10:02 am |
|
when i open it i see that there is nothing written. |
| |
|
|
|
|
Raven
|
| Posted:
Fri Feb 18, 2005 10:15 am |
|
|
|
|
|
toyotaTRD
|
| Posted:
Fri Feb 18, 2005 10:17 am |
|
thanks again ! i love this community... |
| |
|
|
|
|
2McAbre
New Member
Joined: Feb 16, 2005
Posts: 20
|
| Posted:
Sat Feb 19, 2005 10:58 am |
|
My turn! Installed Nuke Sentinel 2.1.3 (nuke 7.6) and set it all up without a problem. I accidentally banned my self, but managed to get around that.
However, since I removed my "banned" ip from the .htaccess file sentinel will no longer write banned ips to it (actually wont write anything to it).
It is at 666, and there is a blank line… (actually the whole file is blank)
I went to block an entire range of IP's (fortunecity has a new scheme which inserts pop up window code into unsuspecting websites via SSI, then pings referrers into sites with an extension of get.to, this sends you to the unsuspecting site, where you get the pop up with a search box and advertising from a company called V3.com!)
Anyway, nothing is being written to the .htaccess file since I removed my own blocked IP.
Any ideas? I did make sure to verify the path is correct, so I know that's not the problem. |
Last edited by 2McAbre on Sat Feb 19, 2005 3:15 pm; edited 1 time in total |
|
|
|
|
Raven
|
| Posted:
Sat Feb 19, 2005 12:09 pm |
|
Path should be .htaccess
Permissions 666 (alternately try 777)
Veryify that writ to a.htaccess is on for the type of exploit being tested |
| |
|
|
|
|
2McAbre
|
| Posted:
Sat Feb 19, 2005 3:13 pm |
|
 Did all that (honest) and still nothing writes to the .htaccess file.
I've been reading through lots of posts, and get a bit of confliction, some posts say its not necessary to have the file, while others go out of the way to let folks know how to set them up.
So is it absolutely necessary for the stuff to be written to the htaccess file?
I can still block myself on purpose, so NukeSentinel is doing its job, just not getting a dual layered protection that I'd get if the data was written to the .htaccess file as well.
I mean I don't have a site that most folks would really want to hack or exploit anyway… Well unless they got the warning page and were offended by how I altered the templates!
Nothing obscene mind you, just a little animated butt with a PIC label suggesting they kiss it! And they would only see that if they hovered their cursor over the image… |
| |
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2496
|
| Posted:
Sat Feb 19, 2005 4:35 pm |
|
It is safer to use the htaccess method because it will enforce the ban at the server level for all of the site in or below that directory. The integrated ban only enforces phpnuked pages.
Check the permissions on the .htaccess file from you hosting Control Panel sometimes ftp clients will think they have changed permissions but really they did not succeed. |
_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 |
|
|
|
|
Raven
|
| Posted:
Sat Feb 19, 2005 4:53 pm |
|
If you use .htaccess and .staccess you are at the server level. If you only use HTTPAuth your more at the site level. The writing to .htaccess is a function of NukeSentinel and not HTTP/CGIAuth. |
| |
|
|
|
|
2McAbre
|
| Posted:
Sat Feb 19, 2005 5:37 pm |
|
Hmmm I honestly cannot figure out what the problem is, my htaccess file is set to 777
 this is directly from my server CP.
I have looked into all the various blocks, and they all have "Yes" to write to htaccess, the path is correct in NS settings, checked, double checked and verified.
Still nothing writes to the file.
I know NS sees the file, cause I changed the permissions "down" to check the path and got a warning message on the line below the path when I did saying something to the effect that the file either didn't exist, or that it didn't have the correct permissions.
I did make a change "re" Menalto Gallery (problem with when you clicked on a thumbnail the full size image wouldn't display, got an error in sentinel.php) followed the one fellows suggestion to ad a couple characters, which fixed that problem.
Could that have broken something else? Though I believe I actually did that before I accidentally blocked myself.
This is just weird cause I know it was writing stuff to the file prior to my accidentally blocking myself. But since I have cleaned that error out it will not write to the file anymore  |
| |
|
|
|
|
2McAbre
|
| Posted:
Sat Feb 19, 2005 5:49 pm |
|
P.S. How I accidentally blocked myself and fixed it.
Was logged into admin page, then logged out. Didn't wait for the logged out confirmation screen and thought "Darnit" forgot something, and clicked the back button, which still showed my admin page.
When I clicked on an icon… I got blocked! 
To fix I just dialed in on my other computer, (different IP) and logged into admin control, and removed the blocked IP. then edited it out of .htaccess file in root folder.
So I know NS is writing stuff to the file, it wrote the blocked IP there. But every since I fixed it, NS will not write anything to the file at all.
I am considering uninstalling and then reinstalling to see if that will work, but that's Hard Core and I try to use that as a last option.
Thanks!
Whats makes it more frustrating to me is that I am really not a  to the whole online and website stuff. I am just old school HTML and am trying to learn some new tricks. (Heck I coded all my pages the hard way without the use of any wysiwyg editors, and they all passed 4.01 compliance checks!) |
| |
|
|
|
|
Raven
|
| Posted:
Sat Feb 19, 2005 6:42 pm |
|
If I were you (you'd be in trouble  ) I'd edeinstall everything and start over. |
| |
|
|
|
|
PHrEEkie
Subject Matter Expert
Joined: Feb 23, 2004
Posts: 358
|
| Posted:
Sat Feb 19, 2005 7:02 pm |
|
If you're logged in as a Super or protected Admin, nothing will be written to .htaccess. That you logged out and it wrote to .htaccess proves it is working correctly.
Your .htaccess should be at 666, not 777. Make sure there is always one line-feed or carraige return at the end of the .htaccess file. Your install is probably working fine... you just have to be logged out as an Admin to test the write functions, otherwise you just get a blocked screen and nothing is written to any files.
PHrEEk |
_________________
PHP - Breaking your legacy scripts one build at a time. |
|
|
|
|
Raven
|
| Posted:
Sat Feb 19, 2005 7:04 pm |
|
 - I knew there was a reason I pay you the big bucks to ride shotgun over me |
| |
|
|
|
|
PHrEEkie
|
| Posted:
Sat Feb 19, 2005 7:21 pm |
|
As long as someone has my six too... = ) We get so caught up with de-bugging other's problems that sometimes the obvious escapes us.
/obvious
Get it? obvious.. escaped... haha eh... code humor. I think I'm a geek now. 
I need a vacation.
PHrEEk |
| |
|
|
|
|
2McAbre
|
| Posted:
Sun Feb 20, 2005 10:02 am |
|
I am thinking it has to be something wrong with how my server is configured or something. My server CP will write data to the file from the block IP function there.
NS simply will not write anything to the .htaccess file.
Step 1.) Log into My Nuke Admin, click on NS and NS Config, select one of the blocker settings…
Set write to as yes, click save… Exit of of Nuke Admin…
Nothing is written to the .htaccess file.
From the main NS admin screen, I know NS is seeing the file. If I CHMOD the permission incorrectly I see this…
There is the warning message.
When I CHMOD the file correctly the error message goes away…
I know that NS did write to the file, as when I accidentally blocked myself, I had to remove my IP from the .htaccess file.
However since doing that, NS will no longer write to the file.
I think I will just do an uninstall and reinstall to see if that fixes it. Isnt like brain surgery, though in my case maybe surgery would help.  |
| |
|
|
|
|
toyotaTRD
|
| Posted:
Sun Feb 20, 2005 10:03 am |
|
guys i got one more question in replacing the lang-eng.php . should i do this by copying the sentinel lang-eng into my default lang-eng plus uploading the folder that's included ? |
| |
|
|
|
|
2McAbre
|
| Posted:
Sun Feb 20, 2005 10:23 am |
|
OK you guys are going to think I am nutso, but…
I purposely caused myself to be blocked… Worked fine, got the "You are Naughty" screen.
Logged in on my other computer. There I am scrolling down the list.
[ Only registered users can see links on this board! Get registered or login! ]
Looked at my .htaccess file and NS wrote that block in!
<Files 403.shtml>
order allow,deny
allow from all
</Files>
deny from 66.179.229.20
deny from 66.179.230.79
deny from 4.252.158.245
I am the one at the bottom, the stuff prior to that my server IP ban wrote in.
Just that NS will not write anything from within the Admin Mod CP.
I musta broke something! I'm just going to reinstall |
| |
|
|
|
|
Raven
|
| Posted:
Sun Feb 20, 2005 10:30 am |
|
2MC, in your pictures above you have it turned OFF. You need to turn it to Write to .htaccess. |
| |
|
|
|
|
Raven
|
| Posted:
Sun Feb 20, 2005 10:30 am |
|
| toyotaTRD wrote: | | guys i got one more question in replacing the lang-eng.php . should i do this by copying the sentinel lang-eng into my default lang-eng plus uploading the folder that's included ? |
No. Just upload the folder. |
| |
|
|
|
|
toyotaTRD
|
| Posted:
Sun Feb 20, 2005 10:45 am |
|
|
|
|
|
PHrEEkie
|
| Posted:
Sun Feb 20, 2005 1:51 pm |
|
2McAbre, you seemed to have had it working according to your post above my first post... but now you might have fussed with some settings and run it aground again.
First off:
The first drop-down in this image is set to OFF, which is disabling write to .htaccess. Turn it ON. I also told you above, that the correct CHMOD for .htacess is 666, not 600, not 644, not 700, not 777, it's 6 - 6 - 6. Is there exactly one carraige return at the end of the file? Your blocker settings look correct, and write to htaccess is configured for YES.
Log out as Admin. Close that browser to be sure the cookie is destroyed. Open a fresh browser and launch a test attack to the site.
PHrEEk |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
