Member blocked but got in via Back Button on browser!

New Member Joined: Dec 08, 2005 Posts: 24 Location: Sweden

1 of my clan members tried to send me a script via PM and Sentinel blocked him, well sort off. He got the black screen of death telling him he was blocked from the site for an "Unknown Attack" on my site, but he was able to press the back button and he could get back onto the site. Now I know Sentinels working as a German tried to hack me last nite (i'll send the details shortly when I find where to send em too!!) I just wondered, can I stop this from happening again, I mean pressing the back button?

Site Admin Joined: Jun 04, 2004 Posts: 6433

The back button isn't the issue. Check the blocker settings for unknown attacks and make sure it's set to block, instead of just warn. Also, if the member is authorized / protected, (s)he'll get the warning without being blocked.

Posted: Mon Aug 28, 2006 7:05 am

Hi thx for the very quick reply.

No hes not protected i've double checked to make sure. As for the Blocker Settings, do you mean in "Blocker Configuration"? If you do I don't have "Unknown Attacks". I've gone down the list and they're all set to "Block Duration: Permanent"

I'm using Version 2.4.2pl9, but after last nights attempt i'll be upgrading shortly

Posted: Mon Aug 28, 2006 7:19 am

Was the IP blocked - and showing in the blocked IP list?

That's very strange - shouldn't have been a problem in 2.4.2pl9.

Posted: Mon Aug 28, 2006 8:41 am

Take a look at your blockers, as kguske has suggested, namely the "Activate" option. There are several options in this drop down. If you don't have "Block" anywhere in the option that you selected, NS will not write it to the DB.

Posted: Tue Aug 29, 2006 7:27 am

Thanks for the replies guys,

No the IP was'nt added to the banned list and hes still able to get access to the site as before!!

Just looked at the Activate Settings for all the "Blocker Settings" and most of them are set to Email, Block and Default Page, Scripting Blocker was set to Email Admin. Do you think its wise to make them all the same apart from Admin?

Posted: Tue Aug 29, 2006 10:03 am

Quote:

No hes not protected i've double checked to make sure

There are two ways to do this, by the way: 1) if they are set up as an Admin (author) and they are "Protected" in the Admin Auth List page, and 2) via the Protected Range Menu -> Add Protected Range. Both places need to be checked.

In addition, are you certain that in NukeSentinel's General Settings page that you do not have the "NukeSentinel(tm) Status:" switch set to "Disabled".

Quote:

Just looked at the Activate Settings for all the "Blocker Settings" and most of them are set to Email, Block and Default Page, Scripting Blocker was set to Email Admin. Do you think its wise to make them all the same apart from Admin?

IMO, the following should be set for full block: ADMIN, AUTHOR, CLIKE, UNION, Filters and Scripting. The others are more by personal preference.

Posted: Wed Aug 30, 2006 3:04 am

If your user hit the 'back' button in the browser, surely he would have been looking at a cached page in any event?
So your saying he can still get access?

Posted: Wed Aug 30, 2006 4:05 am

Thx for the info montego, i'm going to have a look shortly. 1 thing I do know is I have checked the admins and theres only me listed, as for the other things i'm gonna look shortly, thx

Guardian, yes mate he hit the back button after receiving the "black screen of death" with the "Unknown Attack" warning on and is still visiting my site. He is a clan mamber and has been for some time now, otherwise i'd have banned him.

Posted: Wed Aug 30, 2006 4:11 am

Ive just tried to put the script in here for you to see and I get the same "black screen of death"!!! I also pressed the back button and, well i'm typing this now!! If you want to look at the coding i'll gladly email it to you guys, but it won't let me put it on here!!

Will you please let Raven know its me!!!

ANT