Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Raven's RavenNuke(tm) v2.02.02 Distro
Author Message
burzurk
New Member
New Member


Joined: Oct 03, 2006
Posts: 9

PostPosted: Tue Oct 03, 2006 3:53 pm Reply with quote

"You are using an Invalid IP to access this site!"

Fresh install of the latest version raven76 2.02.02 with sentinel that was packaged with it on a hosted server (catch22media).

Got this directly after installation when trying to access the admin panel and then it also applied to even index.php, so researched here multiple threads.

1) edited out the config.php to set $bypassNukeSentinelInvalidIPCheck = TRUE; this worked to finish the installa dn configuration but it says that this should only be required for localhosts, turned it off after installation complete and got the same issue

2) updated based on this thread my IP2C's Only registered users can see links on this board! Get registered or login!

Code:
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=1493172224 AND `ip_hi`=1509949439;

DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=1224736768 AND `ip_hi`=1241513983;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=1275068416 AND `ip_hi`=1291845631;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=1509949440 AND `ip_hi`=1526726655;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=2030043136 AND `ip_hi`=2046820351;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=2046820352 AND `ip_hi`=2063597567;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=2063597568 AND `ip_hi`=2080374783;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=3170893824 AND `ip_hi`=3187671039;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=3198817280 AND `ip_hi`=3198817535;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=3288334336 AND `ip_hi`=3288334591;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=3289778176 AND `ip_hi`=3289778431;
DELETE FROM `nuke_nsnst_ip2country` WHERE `ip_lo`=3291358464 AND `ip_hi`=3291358719;
ALTER TABLE `nuke_nsnst_ip2country` ORDER BY `ip_lo`;
OPTIMIZE TABLE `nuke_nsnst_ip2country`;


Still getting the "You are using an Invalid IP to access this site!"


I can't find anything in one place here that tells me enough about Sentinel, how to update IP2C or where to get the latest data (short of the important updates page) etc....

Please help.

BurZurk
 
View user's profile Send private message
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Tue Oct 03, 2006 5:18 pm Reply with quote

hello , using the search-function in a efficient way would do miracles.
go to search and select Search title only , that should popup a buch of related topics...
 
View user's profile Send private message
burzurk
PostPosted: Tue Oct 03, 2006 5:36 pm Reply with quote

Quote:
so researched here multiple threads


search is where all my listed attempts or fixes had already came from and I ran out of similar situations in the search engine, or i'm missing it.

I'm not an expert but I'm also not an idiot, i looked and either i'm missing it or there are not the exact same scenarios that I have now.

Please point out a post that I may be missing. I've been searching all day.
Code:


In includes/nukesentinel.php on or about line 140,
FIND
// Invalid ip check
if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }

CHANGE TO
// Invalid ip check
//if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }
 
burzurk
PostPosted: Tue Oct 03, 2006 5:47 pm Reply with quote

Ok went to try that and my file doesn't have that text it actually looks like this, so supposedly that was patched??

// Invalid ip check
if(isset($bypassNukeSentinelInvalidIPCheck) AND $bypassNukeSentinelInvalidIPCheck) {;}
elseif ($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }
 
hitwalker
PostPosted: Tue Oct 03, 2006 5:54 pm Reply with quote

Is everybody getting that error or just you ?
And whats your url ?
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Tue Oct 03, 2006 9:35 pm Reply with quote

Quote:
how to update IP2C or where to get the latest data


Go to Import to IP2Country and go through each countries data. Get the latest data from Only registered users can see links on this board! Get registered or login!

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
burzurk
PostPosted: Wed Oct 04, 2006 6:51 am Reply with quote

Initially I thought it was everyone, but now i am finding it is just me from home, from work I can get to it.

But I also can't logout? I am running this site during development in a sub directory of my regular production site
Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login!

I am not registered on the new site with the name it displays when I pull it up, it must be using a cookie from the original site. So here at work I can't even attempt to login as admin, because it won't log me out unless I delete the previous cookie. This is going to cause issues for all my members if they need to re-register for the new site, the old cookie will mess it up. ANyway to resolve this? Can the cookie for the new site be named differently so it doesn't attempt to use this other one from the old site?

THen if i do get the members section transferred it still won't hurt anything, they'll just get a new cookie for the next login.

any ideas on either issue? are they related to my problem?
 
evaders99
PostPosted: Wed Oct 04, 2006 1:08 pm Reply with quote

Unfortunately the cookie names are the same, and are not set by different paths. If you had seperate subdomains though, that would work
 
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9449
Location: Arizona

PostPosted: Wed Oct 04, 2006 2:22 pm Reply with quote

evaders99 wrote:
If you had seperate subdomains though, that would work


Odd thing is that I am even having issues with subdomains. At times it causes me to get the NS admin ban when I click on one of the ACP icons/links. Been living with it for a few months... Sad

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
gregexp
The Mouse Is Extension Of Arm


Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Wed Oct 04, 2006 5:02 pm Reply with quote

For subdomains, I have a fix for you.

in admin.php

Find

setcookie("admin",$admin,time()+2592000);


Replace with
setcookie("admin",$admin,time()+2592000,"/",".domain.com");


If this wasnt done previously, subdomains are a pain. lol.

This is a working fix for a client, cant guarantee it.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
burzurk
PostPosted: Wed Oct 04, 2006 8:19 pm Reply with quote

montego wrote:
evaders99 wrote:
If you had seperate subdomains though, that would work


Odd thing is that I am even having issues with subdomains. At times it causes me to get the NS admin ban when I click on one of the ACP icons/links. Been living with it for a few months... Sad


OOH that was happening to me too! until i deleted the cookie from the other site and now it works?

it was a guess on my part.

Anyway, it appears I am getting the "invalid IP" and i had another member try it today for the first time ( fyi, i just set this up for experimenting 2 days ago after my 6.5 site was hacked by turks), they had no issue, so perhaps it is as simple as the IP2C codes although I've had roughlyt eh same ip for 2 yrs so... iwouldn't expect it was recently released.

ANyway I'll let you know after I update the list, you can keep discussin the cookie thing though, I will be using the same url once this is ready, and if the members db doesn't transfer i could have issues. I would like a way for it to work without notifying all my 400 + members that they will need to replace it the first time they visit.
 
montego
PostPosted: Thu Oct 05, 2006 6:10 am Reply with quote

darklord, I will have to check that out. I would think that might be useful even for the user?

Thanks for sharing this!
 
gregexp
PostPosted: Thu Oct 05, 2006 10:54 pm Reply with quote

Perhaps, user cookie was not failing like the admins so that might not be an issue.
 
montego
PostPosted: Fri Oct 06, 2006 6:43 pm Reply with quote

Actually, been thinking about this more. I have seen some modules read the admin cookie directly rather than using the built-in nuke functions. I wonder if these would cause issues...
 
evaders99
PostPosted: Mon Oct 09, 2006 10:08 am Reply with quote

Yes that could be an issue. I know the latest Sentinel did that.. gave me some headaches in changing the code back
 
gregexp
PostPosted: Mon Oct 09, 2006 6:34 pm Reply with quote

well, The sudjested fix would be to make .domain.com to sub.domain.com but with trial and error, I found that does not work. In an environment of multiple subdomains, I cant see that working either, I guess it would be nice if the cookie name could change seeing that the domain name should work with subdomains.
php.net says to use subdomain for the settings, but I have found this not to work so well so perhaps Ill look into it further.
 
evaders99
PostPosted: Tue Oct 10, 2006 10:45 pm Reply with quote

I have the cookies working for different phpNuke sites on different subdomains, then again.. I've hacked the cookie names to pre-append a prefix value. Essentially I wrote a docookie2() routine to wrap the previous docookie() code and used mainfile.php to pull the correct cookie back into the phpNuke code
 
montego
PostPosted: Wed Oct 11, 2006 6:43 am Reply with quote

Evaders, is there any way to formalize that hack and make it available. I would love to see that implemented in RavenNuke as I believe that we do get alot of "false positives" in terms of NS bans due to the subdomain issue. I know, because it has struck me on several occassions as well.
 
evaders99
PostPosted: Wed Oct 11, 2006 10:41 am Reply with quote

My concern would be for those scripts that read the cookie values directly. But I will see what I can do to formalize the hack for release
 
montego
PostPosted: Wed Oct 11, 2006 8:20 pm Reply with quote

I agree. That is something I mentioned to Darklord as well, but not sure what to do about it. If the cookie reading/writing functions could be counted on to work properly and all of core phpnuke use them, we could possibly handle the questions. One thing to also consider is that we could make it switchable.

Now I almost wish we went with a configuration array for RavenNuke rather than all these individual switch definitions... I can see this growing in usefulness.
 
skeetch
New Member
New Member


Joined: Oct 20, 2007
Posts: 20

PostPosted: Thu Dec 11, 2008 10:02 am Reply with quote

I have had this issue in the past... I run several php nuke installations accross several sub-domains... here's my fix....

In the sentinel control panel, be sure your current I.P. address is NOT listed as a protected address RANGE, and also as a singularly protected I.P. ... When you login to a php site , sentinel compares the I.P. address to the known cookie, Vs the database.. if you try to login using the same cookie / I.P. you get the "Invalid admin cookie" error.

That fixed my issue for ALL of my module add-ons EXCEPT Kalendar (which no one seems to be able to fix)
 
View user's profile Send private message Visit poster's website
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Thu Dec 11, 2008 10:13 am Reply with quote

Sounds like you are using the same cookie name across the domain then but please bear in mind this thread is over two years old Wink
 
View user's profile Send private message Send e-mail
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Raven's RavenNuke(tm) v2.02.02 Distro

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©