Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
Ant
New Member
New Member


Joined: Dec 08, 2005
Posts: 24
Location: Sweden

PostPosted: Tue Dec 05, 2006 3:20 am Reply with quote

Hi there,
I've been doing some upgrades to Sentinel and logged out of Admin then instead of logging back onto my site I clicked on the admin link and it banned me. I know, I should have protected my IP and it was on my list of things to do. I went into PhPMyAdmin to unblock myself and followed the info from this link: Only registered users can see links on this board! Get registered or login!
But I can't see my IP. If I do a search for it it says its in nuke_nsnst_blocked_ips but I can't see it and when I go to my site I get:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, Only registered users can see links on this board! Get registered or login! and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

I presume thats because I have blocked myself?

Can anyone help an idiot out please Embarassed Embarassed

_________________
ONLY THE DEAD HAVE SEEN THE END OF WAR....PLATO 
View user's profile Send private message Visit poster's website
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Tue Dec 05, 2006 4:52 am Reply with quote

Try removing your htaccess file temporarily.
Your IP may be in there as well but it is unusual to get a 500 error as this indicates you asked PHP to do something it cannot.
 
View user's profile Send private message Send e-mail
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9456
Location: Arizona

PostPosted: Tue Dec 05, 2006 6:46 am Reply with quote

Sounds like it somehow wrote the IP wrong in the .htaccess file (if you are getting the 500 error). I would scour the .htaccess file for anything that doesn't look "right" to you.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Ant
PostPosted: Tue Dec 05, 2006 7:23 am Reply with quote

Many many thanks for your help,

I've just looked for the .htaccess file and its not there I could have sworn it was when I re-installed Raven and the updates. I have recently moved hosts and transferred in my domain to my new hosts and gone from using cPanel to DirectAdmin, do you think that could do with the file not being there or maybe its hidden for security purposes? I have no idea i'm not too clued up on this! I have checked the other files and folders and none have been accessed and nothing out of the ordinary in the log files either.

I meant to say as well, shortly after I locked myself out I received an email saying that I had been banned and the reason was Abuse-Admin.
 
Ant
PostPosted: Thu Dec 07, 2006 1:26 am Reply with quote

Hi there,

Had a reply from my hosts who said inside the .htaccess file I had the following line:
php_flag register_globals Offdeny from "THEN MY IP" They changed it and the site reappeared but I was still banned. I cleared out my IP from nuke_nsnt_blocked_ips by clicking on "Empty" (I'm the only one banned so far) then it let me in. BUT now when I try and login as admin it won't let me. I've tried all my passwords but nothing, I have another Admin account and thats the same. I've also cleared out the cookies but to no avail. Is there anyway to delete the passwords and reassign new ones? I've looked in nuke_authors and can't see anything and PhpMyAdmin is a bit daunting and I don't want to mess things up
 
montego
PostPosted: Thu Dec 07, 2006 6:08 am Reply with quote

Quote:

php_flag register_globals Offdeny from "THEN MY IP"


Ok, that sounds like you did not have a blank line at the bottom of your .htaccess file (per instructions). That would definitely do it. I'm just Embarassed that I didn't think of that sooner (sorry).

Can you explain further what you mean by this:

Quote:

I've looked in nuke_authors and can't see anything


Are you not seeing any record(s) in that table? If not, that is the first problem. You have to have an nuke admin account set up first before you really can do anything with NS.
 
Ant
PostPosted: Thu Dec 07, 2006 12:57 pm Reply with quote

montego wrote:
Ok, that sounds like you did not have a blank line at the bottom of your .htaccess file (per instructions). That would definitely do it. I'm just Embarassed that I didn't think of that sooner (sorry).


Its ok montego don't worry about it i'm grateful of your help.


Quote:
Can you explain further what you mean by this:

I've looked in nuke_authors and can't see anything
Are you not seeing any record(s) in that table? If not, that is the first problem. You have to have an nuke admin account set up first before you really can do anything with NS.

When I did a search in the forum I found a post somewhere (now I can't find it Shocked) and they mentioned deleting there Ip from there if I remember right, knowing me though it probably didn't!

I seem to have tables in nuke_authors if thats what they are called i'll not do a screenshot and put it on here I don't know if it would be ok. I did have a Nuke Admin (God) account setup as I created another Admin account a day or so before this went t**s up and I was looking at it. Strange thing is I tried to upgrade to the latest patch and I could'nt log into Admin after that so I went to the previous patch which worked great till yesterday.

Does any information about Admins get stored in the .htaccess file?

I'm out of my league with this montego so any help would be really appreciated
 
Ant
PostPosted: Thu Dec 07, 2006 1:01 pm Reply with quote

This is strange, i've just re-upped a .htaccess file from a backup I had and now I have Admin access, though the Admin block dosen't show up I can get in, how I don't know, i'm confused now!
 
montego
PostPosted: Fri Dec 08, 2006 6:41 am Reply with quote

But, when you type in admin.php into the browser, is it giving you the pop-up login dialog? If so, then I would chaulk it up to "gremlins".
 
Ant
PostPosted: Sat Dec 09, 2006 1:08 am Reply with quote

Yea its giving me the login box and I can now login montego, though no admin block on the main page! I'm in and thats all that matters,

Thanks for your help montego

ANT
 
gregexp
The Mouse Is Extension Of Arm


Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Sat Dec 09, 2006 4:00 pm Reply with quote

I would try reloading the index page, it may be pulling it from your browsers cache.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
montego
PostPosted: Sun Dec 10, 2006 10:16 am Reply with quote

Check you blocks administration. You may not have it turned "On" for Administrators.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©