Invalid IP used loophole problem

New Member Joined: Jan 15, 2005 Posts: 6

I'm rolling PHPNuke 7.6 with the latest NukeSentinnel. I'm doing so within a local development environment. The IP of the system is 127.0.0.1 and I am surfing the changes from the same IP address. Once I pasted the 7 lines of code into mainfile.php, I get:

"Invalid IP used"

This, of course, is excellent for production environments; nice thinking. I would, however, like to turn it off temporarily. I commented out the reference to 127.0.0.1 in admin/modules/ipban.php. That didn't work. I could use a clue. What files do I need to tweak to disable this most excellent security measure? No need to warn me about shipping it to production like this. I'll take care of it before I move it live. Wink

Posted: Mon Jan 17, 2005 8:44 am

Make a backup of the nsnst_blocked_ranges data. Then empty the table when you move from localhost run the dump file back in.

Posted: Mon Jan 17, 2005 11:45 am

sixonetonoffun wrote:

Make a backup of the nsnst_blocked_ranges data. Then empty the table when you move from localhost run the dump file back in.

Thanks fella.

Posted: Tue Jan 18, 2005 7:25 pm

nsnst_blocked_ranges

That table has no data. What's next?

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

feuerfuchs wrote:

I'm rolling PHPNuke 7.6 with the latest NukeSentinnel. I'm doing so within a local development environment. The IP of the system is 127.0.0.1 and I am surfing the changes from the same IP address. Once I pasted the 7 lines of code into mainfile.php, I get:

"Invalid IP used"

This, of course, is excellent for production environments; nice thinking. I would, however, like to turn it off temporarily. I commented out the reference to 127.0.0.1 in admin/modules/ipban.php. That didn't work. I could use a clue. What files do I need to tweak to disable this most excellent security measure? No need to warn me about shipping it to production like this. I'll take care of it before I move it live. Wink

On or about line 125 in includes/sentinel.php is the following

Code:

if($remote=="none") { die("Invalid IP used"); }

Comment it out

Code:

//if($remote=="none") { die("Invalid IP used"); }

Subject Matter Expert Joined: Feb 23, 2004 Posts: 358

open /includes/sentinel.php

search for the following

Code:

$remote = get_ip();


if($remote=="none") { die("Invalid IP used"); }

comment out the IF

Code:

$remote = get_ip();


// if($remote=="none") { die("Invalid IP used"); }

That should let you test locally... un-comment that line when you go production

PHrEEk

Posted: Tue Jan 18, 2005 9:16 pm

lol.. we did it again Gaylen....

ROTFL

Posted: Tue Jan 18, 2005 9:17 pm

Hmmm. Wish I had said that ROTFL

Posted: Tue Jan 18, 2005 9:17 pm

you're stalking my posts!!

Smack

Posted: Tue Jan 18, 2005 9:18 pm

This is hilarious boxing

Posted: Wed Jan 19, 2005 4:45 pm

You guys rox0r. May the best dot win.

Regular Joined: Mar 11, 2005 Posts: 52

HI, i test nuke on my localnetwork.
How i make this on Sentinel 220?
Many TNX

New Member Joined: Mar 05, 2009 Posts: 2

I'm Using php nuke 7.6 with NukeSentinel and my site displays Invalid IP used when i comment out the
$remote = get_ip();
// if($remote=="none") { die("Invalid IP used"); }
The website comes up from my current ip yet in tracked ip it has me as none?
It is not a local server and im on
Wave Broadband WAVE-WOODBURN-1 (NET-76-14-192-0-1) 76.14.192.0 - 76.14.255.255
Any ideas how to make my site read my ip?

Posted: Fri Mar 06, 2009 12:13 am

Add this range 76.14.192.0 - 76.14.255.255 to your ip2country table.

From your ACP, select NukeSentinel(tm)=>IP to Country Menu=>IP2C Add Range

Posted: Fri Mar 06, 2009 9:14 am

The NukeSentinel loaded on my website was before IP2C if i remeber right it was the version right before. It has the words in the menu yet they are not a link. and there is no table in my sql.

Posted: Fri Mar 06, 2009 12:47 pm

You need to update to the latest version of NukeSentinel(tm) for many reasons.