Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.10.01 - All Issues
Author Message
jimmo
Worker
Worker



Joined: Dec 08, 2005
Posts: 107

PostPosted: Sun Jan 13, 2008 7:36 am Reply with quote

Hi All!

I am running rn2.10.00 and have had this problem for at least a year and despite configuration changes and code hacks, the problem persists. I am grateful for all of the help people have provided, but I still have this problem. Users are getting blocked because the alledgedly attempted an "Unknown attack". The most recent user sent this:

User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11
Query String: name=MContent&pageid=90
GET String: name=MContent&pageid=90
POST String:
Referer: [ Only registered users can see links on this board! Get registered or login! ]
Request Method: GET
Remote Address: 24.252.X.X
Client IP: none
Forwarded For: 127.0.0.1
Date Blocked: 2008-01-11 @ 14:38:06 EST GMT -0500
Block expires: Permanent

The user agent can be any browser or OS. There is also no patter to the query string, GET string or post string. The only thing that seems to bee consistent is:

Client IP: none
Forwarded For: 127.0.0.1

I have set $bypassNukeSentinelInvalidIPCheck = FALSE; in rnconfig.php. I have made the code changes in nukesentinel.php that Bob Moran suggested in another post. However, users are still getting blocked. All of the blocks should be sending me email, but these are not. Block Proxies and DOS Protection are both set to OFF.

I have looked through the nukesentinel.php code many times and I cannot figure out what exactly is cause the block. Everything I found says that the users should not be blocked. I am at a loss where to look and desperate for a solution. Any help is appreciated.

regards,

jimmo
 
View user's profile Send private message
kguske
Site Admin



Joined: Jun 04, 2004
Posts: 6432

PostPosted: Sun Jan 13, 2008 8:25 am Reply with quote

It may be blocked if there is no client IP. Just to clarify, have you tried using this:

$bypassNukeSentinelInvalidIPChecked - TRUE;

Also, is your DOS protection off? I don't think warnings are sent for that.

_________________
I search, therefore I exist...
nukeSEO - nukeFEED - nukePIE - nukeSPAM - nukeWYSIWYG
 
View user's profile Send private message
jimmo







PostPosted: Sun Jan 13, 2008 3:27 pm Reply with quote

Sorry, I cut-n-pasted too fast. The live server is set like this:

$bypassNukeSentinelInvalidIPChecked = TRUE;

My test machine has it set to FALSE. I just checked the live server again and DOS Protection ist set to OFF.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.10.01 - All Issues

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©