Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
Bluezzz
Involved
Involved


Joined: Feb 08, 2005
Posts: 290
Location: USA

PostPosted: Sat Sep 02, 2006 9:29 pm Reply with quote

Thanks alot Guardian ... worked great! A couple more questions:

1) Should I cPanel pw protect any other nuke directory?
2) What login/pw should I use for the folders? Same as what I used for nuke admin?
3) For .htaccess, .staccess and ultramode.txt, do those still need to be 777 or can they be something else? I change them to 777 and within 24 hours they're reset, I'm contacting my host about the problem now but just wanted to know if 777 is a must of if it can be something else after I've gotten everything set up and working right and hopefully secure?

Thanks!

_________________
Bluezzz
~ Stop & smell the roses, while you can! ~ 
View user's profile Send private message
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Sun Sep 03, 2006 2:35 am Reply with quote

1 No
2 Anything you can remember but preferably use a password that you have not used before.
3 See the How to Install instructions.
.htaccess does not need to be 777 - use the lowest setting that still allows Sentinel to write to it (it may vary from server to server.
.staccess does not need to be written to once you have the password protection set up in Sentinel
ultramode only needs to be 777 if you are using it.
 
View user's profile Send private message Send e-mail
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9449
Location: Arizona

PostPosted: Sun Sep 03, 2006 8:24 am Reply with quote

Regarding 3), once the files are created, then can be 666 I believe... Not sure about "ultramode", but to be honest with you, I see no value in using it. You can turn it off in the Admin --> Preferences.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Bluezzz
PostPosted: Mon Sep 04, 2006 1:06 pm Reply with quote

I put in my nuke username & pw and I do get prompted to enter those now but when I go to delete a post which is an Admin only function I get a page that says only Admin can delete ... I'm logged in under Admin so I shouldn't be getting that ... do I need to make sure all Admin accounts are in .staccess as in the normal nuke .staccess?
 
Guardian2003
PostPosted: Mon Sep 04, 2006 3:21 pm Reply with quote

Your problem has nothing to do with htaccess or staccess files.
If you are getting an eror message to the effect that only admins can delete posts then you need to make sure you are logged in as an admin via the Only registered users can see links on this board! Get registered or login! log-in.
If that doesnt work then you need to look in the forum admin area to see why your username is not assigned as an admin which it should be.
 
Bluezzz
PostPosted: Mon Sep 04, 2006 3:40 pm Reply with quote

I am logged into admin correctly. I am also showing in forums as admin ... I've only had this problem since doing the suggested above.
 
Guardian2003
PostPosted: Mon Sep 04, 2006 5:09 pm Reply with quote

I'm not seeing this issue on my own RN test site.
The only way I can reproduce this is by adding password authentication to the admin file not the admin folder.
 
ozbutcher
Worker
Worker


Joined: Jan 17, 2007
Posts: 170

PostPosted: Wed Feb 07, 2007 5:38 am Reply with quote

How do I know if its working.

I have added the .staccess and .htaccess files and set the setting 'Admin Auth' to: CGIAuth in nuke sentinel.

Is it supposed to ask from the password a second time. I have loaded /mysite/admin.php but nothing seems different.
 
View user's profile Send private message
Guardian2003
PostPosted: Wed Feb 07, 2007 11:42 am Reply with quote

I believe this thread is about protecting the Forums admin folder.
If you can post in the Nuke Sentinel forum as your post was about that, we can keep things clean and hopefully you'll get a faster response Smile
 
ozbutcher
PostPosted: Wed Feb 07, 2007 4:23 pm Reply with quote

Ah my mistake I was thinking of the nuke admin folder. however I would also like to protect my forum admin folder too, so I'll give this another go and place the files in there and see what happens.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©