Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.5.x
Author Message
p17blo
Regular
Regular


Joined: Jul 27, 2007
Posts: 77

PostPosted: Tue Aug 28, 2007 10:05 am Reply with quote

I just got hit by a script abuser - 100+ notification messages, so why didn't sentinel Block the user?

Here is some of the email notification

Quote:

Date & Time: 2007-08-28 16:34:41 BST GMT +0100
Blocked IP: 64.x.x.x (Obscured)
User ID: Anonymous (1)
Reason: Abuse-Script
--------------------
User Agent: Mozilla/5.0 (compatible; MSIE 7.0; MSIE 6.0; Firefox/2.0.0.3
Query String: {removed}
Get String: {removed}
Post String: {removed}
Forwarded For: none
Client IP: none
Remote Address: 64.x.x.x (obscured)
Remote Port: 59088
Request Method: GET



I have obscured the IP address and changed my site name. I also just had to add spaces to stop me being blocked on this site!

I check my abuse script settings and it set to permanent block yet this didn't happen. I have just manually blocked them

Paul
 
View user's profile Send private message
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Tue Aug 28, 2007 10:36 am Reply with quote

What version of Sentinel are you using?

Has the IP address been added to the database?

Is your .htaccess writable?
 
View user's profile Send private message
p17blo
PostPosted: Tue Aug 28, 2007 11:50 am Reply with quote

I am using Sentinel that is in the latest dist of Ravennuke (which I think is 2.5.0Cool

The IP was only added to the Database when I manually added it

My .htaccess has attributes of 644

What I can tell you is that I followed a saved link directly to my waiting submissions within Admin CP and I got blocked (and I had to manually remove my entry from the DB) which (to me anyway) would indicate that the settings are correct

Paul
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Tue Aug 28, 2007 4:25 pm Reply with quote

What is set in your Blocker configuration for abuse scripts?

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
p17blo
PostPosted: Tue Aug 28, 2007 7:38 pm Reply with quote

Setting for Scripting Blocker are as follows:
Activate: EMAIL ADMIN
Write to .htaccess: You can not use .htaccess writting until you have set the htaccess Path in admin
Forward to: Blank
IP Block type: FULL IP
Default Page: Admin
Email IP Lookup: ARIN
Reason: Abuse-Script
Block-Duration: Permanent

Having just looked over this again I am a little confused about 3 things:
1) Should Activate be set to something else - Having looked at the options is this the blocker action? I assume Activate to mean something else
2) Why do I get the message about .htaccess as I have set the path (Is it because of the 644 fill att)
3) Block-Duration: Permanent doesn't seem to block at all. Maybe related to 1 and 2

Thanks

Paul

ps. Are there any supplied or available docs on Sentinel?
 
Gremmie
Former Moderator in Good Standing


Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Tue Aug 28, 2007 8:57 pm Reply with quote

You probably need 0666 on .htaccess to get it to write IP's into it. You also need to set Activate to one of the options that has Block in it.

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
Gremmie
PostPosted: Tue Aug 28, 2007 8:59 pm Reply with quote

Also Sentinel will block if you have Activate with a Block option by sticking a record in a database table. If you want further protection at the server level, say "yes" to write to .htaccess, and make sure it is writeable of course.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.5.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©