Author |
Message |
hitwalker
Sells PC To Pay For Divorce
Joined:
Posts: 5661
|
Posted:
Thu Sep 21, 2006 7:40 am |
|
ive never seen this before.....
an admin from a site visits and gets kicked on the spot...
anyone can explain what happens here...
Date & Time: 2006-09-21
Blocked IP:
User ID: Anonymous (1)
Reason: Abuse-Harvest
String Match: indy library
--------------------
User Agent: Mozilla/3.0 (compatible; Indy Library)
Query String: [ Only registered users can see links on this board! Get registered or login! ]
Get String: [ Only registered users can see links on this board! Get registered or login! ]
Post String: [ Only registered users can see links on this board! Get registered or login! ]
Forwarded For: none
Client IP: none
Remote Address:
Remote Port: 1533
Request Method: HEAD
And the url is realy [ Only registered users can see links on this board! Get registered or login! ]
so where does the rest comes from and why the ban? |
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6433
|
Posted:
Thu Sep 21, 2006 11:38 am |
|
|
|
|
hitwalker
|
Posted:
Thu Sep 21, 2006 2:16 pm |
|
mmmm..,but it shows the url like /cgi-php/phpwrapper in the query,get,and post string..
Where does that comes from....
the site has pure normal stuff,just plain text...nothing more...
and what you mean with user agent triggered ? |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
Posted:
Thu Sep 21, 2006 6:13 pm |
|
|
|
|
hitwalker
|
Posted:
Thu Sep 21, 2006 6:21 pm |
|
hi, no its not my site....
i was asked to helpwith some things,upgrading sentinel was one of the things....
but thing is,to me nothing happens...
but others that just drop in and use the language block get banned...
so could it be PHP compiled as a CGI module ?
But wouldnt that be weird?
I never read anything abywhere that such a config would ban people,not to mention the weird query,get,and post string url it shows ... |
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
Posted:
Thu Sep 21, 2006 7:51 pm |
|
|
|
|
hitwalker
|
Posted:
Thu Sep 21, 2006 8:03 pm |
|
well thing is,i dont think they are so interested in all of this...
in situations like this,a script like sentinel gets the blame,but infact they dont know what its all about...
a few admin,or some important people should be able to get on the site,or administrate it whatever....
but they never seen something like sentinel...,so they mail a black banned screenshot asking what it is....
is it a plain?...no...is it a bird?......no....its sentinel.. !!!!
huh,whats that? |
|
|
|
|
montego
|
Posted:
Fri Sep 22, 2006 6:04 am |
|
Well, I am trying to help you debug this. NukeSentinel is doing what it supposed to be doing. But, if you don't think this Indy Library is anything to be concerned with, you have two choices: turn off Harvestor Blocker or remove that line from the list of user agents.
If you want to try and figure out why a regular browser is causing the user agent to be this, then you might want to ask them about what I posted in my previous note. |
|
|
|
|
hitwalker
|
Posted:
Fri Sep 22, 2006 6:17 am |
|
yes thanks, i already took it out and maild them to try a few things...
see how that goes.... |
|
|
|
|
|