Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
mainvent
New Member
New Member


Joined: May 11, 2006
Posts: 15

PostPosted: Mon Nov 06, 2006 4:50 pm Reply with quote

I have been reading all the posts about how to set up nuke sentinel to work with CGIAuth. My problem is that I get to the Admin login box and my user name/password do not work. I have checked everything possible, all my information seems to be correct. If it is not too much to ask, would someone mind figure out how to set up my .htaccess and .staccess files and get this to work. I would most truly appreciate it.
 
View user's profile Send private message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Mon Nov 06, 2006 10:10 pm Reply with quote

Welcome.

The user ID and password used with admin authentication is separate from the admin user and from the site user. You can make them identical, but I highly recommend that the admin user / pw be different from the admin authentication user / pw.

Depending on your PHP configuration, the admin authentication user and encrypted password can be stored in a file like .staccess. You can create this file manually (see instructions and utilities in the forums here), or you can use NukeSentinel to maintain it. Other than possibly creating the password file and modifying the .htaccess file to use it, NukeSentinel doesn't really do anything else to "work with" admin authentication. The .htaccess / .staccess approach is actually supported by Apache.

Once you authenticate with the .staccess user and password, you can log on to admin.php using the admin user ID and password creating when you installed Nuke (or another author you've subsequently created).

Which posts did you use to check everything? Did you verify that the admin authentication user and password are stored correctly in .staccess?

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
mainvent
PostPosted: Mon Nov 06, 2006 10:36 pm Reply with quote

So what do I need to do. I have set the admin name and password in the nuke menu, and sent it to my .staccess. I checked the file, it has the username and some type of encrypted password. I currently have .htaccess named sample.htaccess because otherwise I cannot access my admin at all. I am running a apache server and CGIAuth is the only auth available. What do I need to do to make sure sentinel is functioning correctly. At the moment I feel like it's not even working, I'm just trying to figure out what's left to configure.
 
kguske
PostPosted: Mon Nov 06, 2006 10:53 pm Reply with quote

Usually, if admin authentication isn't working (and you're using the correct password, of course), the problem is an incorrect path defined in the .htaccess (or the .staccess file isn't where .htaccess expects it). Check the path of your .staccess file and make sure the file is where it is expected (don't post the exact location here as it opens you up for certain attacks).
 
mainvent
PostPosted: Mon Nov 06, 2006 11:05 pm Reply with quote

The .htaccess and .staccess are set correctly in the nuke menu, as well as the .htaccess file. Once I take the sample.htaccess and make it just .htaccess, the login box stars appearing and I cannot login.
 
gregexp
The Mouse Is Extension Of Arm


Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Mon Nov 06, 2006 11:30 pm Reply with quote

Ahh, now that explains it. Click the setup .staccess button in nuke sentinel admin page. Now that will give you what to put in the .htaccess, then click Scan for New Admins, that will allow you to create the admin logins and setup the proper information in .staccess.

Dont forget before goin on, chmod both .htaccess and .staccess to 666.

Hope this fixes your error as it should.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
mainvent
PostPosted: Tue Nov 07, 2006 6:18 am Reply with quote

I emptied my .htaccess and .staccess files and uploaded them again, cmod 666. I went to nuke administration and selected CGIAuth for Admin Auth. I put the correct path to my .htaccess and .staccess files. Then I clicked CGIAuth Setup next to .staccess and it gave me this...I put this in my .htaccess and uploaded after completing the next few steps, otherwise it would not let me access admin.

Quote:

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile .staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------


I then went to Scan For New Admins and the scan completed, then I clicked on Admin Auth List. It shows my Login Name and Password. I clicked Build CGIAuth file: .staccess. The process completed. Then uploaded my new .htaccess file and set it to .666 just to be safe. When i went to admin login, I got a login box...but the user name and password would not work again.
 
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9456
Location: Arizona

PostPosted: Tue Nov 07, 2006 6:44 am Reply with quote

Quote:

Then uploaded my new .htaccess file


I have a feeling that the path youhave set for the .staccess file is not the same as your local setup vs. your "uploaded" site. That path has to be right, or this will never work.

You are on the right track though so far that I can see...

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
mainvent
PostPosted: Tue Nov 07, 2006 3:36 pm Reply with quote

Well I'm about ready to give up, can't spend a whole week worrying about this haha. Thank you Montego, kguske and darklord for all your help.
 
kguske
PostPosted: Tue Nov 07, 2006 5:54 pm Reply with quote

If you would, please post the path of your .staccess and your .htaccess files (with your account name removed for security purposes). Is your .staccess file in the same directory as .htaccess?
 
mainvent
PostPosted: Tue Nov 07, 2006 6:43 pm Reply with quote

.htaccess (nuke root)

Quote:
<Files .staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted"
AuthType Basic
AuthUserFile /home/www/wilray.freehostia.com/.staccess
</Files>


.staccess (nuke root)

Quote:
fakename:encryptedpassword (real name and password in my file)


Nuke Administration Settings

Admin Auth: Admin CGIAuth

.htaccess Path: /home/www/wilray.freehostia.com/.htaccess

.staccess Path: /home/www/wilray.freehostia.com/.staccess
 
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Tue Nov 07, 2006 7:07 pm Reply with quote

but should i be able to read his .staccess file?
im sure something is wrong there...
cause with the info inside i know now what i shouldnt know....
 
View user's profile Send private message
mainvent
PostPosted: Tue Nov 07, 2006 7:20 pm Reply with quote

I took away the permissions to the file altogether. Until I can get this figured out I'm not going to allow staccess or htaccess at all. I'm about to get rid of nuke altogether, cause this is starting to aggravate me.
 
hitwalker
PostPosted: Tue Nov 07, 2006 7:26 pm Reply with quote

Well take it easy mainvent ,they are trying to help you.....
and dont get frustrated cause there's no need for that...
there are a few who replied here with enough knowledge that can solve it...
but maybe you can give one of them access....that works much faster then this....
 
mainvent
PostPosted: Tue Nov 07, 2006 7:28 pm Reply with quote

I'd be glad to give someone access. I will need to know who exactly and we can set that up. Sorry for getting frustrated, been a long weekend to have to be worrying with all this. I appreciate everyone's help.
 
hitwalker
PostPosted: Tue Nov 07, 2006 7:35 pm Reply with quote

well you could PM kguske.
do that with all the full info...site/ftp.... so he can login....
thats faster then posting all the time......
 
mainvent
PostPosted: Tue Nov 07, 2006 8:00 pm Reply with quote

Ok I sent kguske a pm with my ftp and site info. Hopefully he can figure out what the problem is.
 
hitwalker
PostPosted: Tue Nov 07, 2006 8:02 pm Reply with quote

ok thats nice....
as soon as he gets the mail and gets online im sure he will help...
 
montego
PostPosted: Wed Nov 08, 2006 6:41 am Reply with quote

I have seen, at times, where "www" is really a symbolic link to the real path. You might want to see if that is the case (I can tell using the FileZilla FTP tool on some of my own sites). You may need to use the full path which does NOT use the link. On some of my sites "www" is a symbolic link to "public_html".

I recall seeing a post from Raven about this issue awhile back, so be sure to use the full, real (not link) path if you can.
 
kguske
PostPosted: Wed Nov 08, 2006 7:08 am Reply with quote

Got the info and will take a look today.
 
mainvent
PostPosted: Wed Nov 08, 2006 10:41 am Reply with quote

Thank you kguske.
 
kguske
PostPosted: Wed Nov 08, 2006 9:17 pm Reply with quote

Pretty strange. I copy a file, say 1.htaccess to your server. Fine. As soon as I rename it .htaccess, it disappears. I don't think it's an FTP thing, either, since the space indicates that the file was removed.

I'd suggest contacting your webhost about this. I checked the forums there, and they recommend using a control panel tool for protecting folders (which, of course, isn't what you're trying to do). But there are several references to .htaccess and how it might conflict with that function. It may be that they no longer support .htaccess, but it appears to be something else...
 
mainvent
PostPosted: Wed Nov 08, 2006 9:37 pm Reply with quote

I've decided I'm going to change hosts. Thank you very much for your support everyone. Top notch!
 
kguske
PostPosted: Thu Nov 09, 2006 7:25 am Reply with quote

Did you find out anything from your host? If so, it would help us in the future.
 
mainvent
PostPosted: Thu Nov 09, 2006 2:48 pm Reply with quote

Sent them a message, waiting on a reply. I'll post the results once they come back.

Message Sent
Quote:
I have set up php-nuke on my website, and I am trying to install Nuke Sentinel (Security Addon) for php-nuke. Nuke Sentinel requires .htaccess to set file and folder permissions, but for some reason once I upload the .htaccess file to my website, it disappears? I don't think it's an FTP thing, either, since the space indicates that the file was removed. I understand that you recommend using the control panel tool for protecting folders, but that isn't what I'm trying to do.I am trying to figure out what might be conflicting with the .htaccess function. It may be that you no longer support .htaccess, but it appears to be something else...
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©