Ravens PHP Scripts: Forums
 

 

bavarian
Hangin' Around


Joined: Nov 11, 2004
Posts: 25

Posted: Wed Feb 16, 2005 5:53 am

I have no real problem to solve, since everything works fine. At least seems to work fine. I tried to attack my site with [link hidden]. Sentinel blocked my IP and also wrote my IP into the .htaccess file and not only into the database table.

BUT what is confusing me and makes me wonder if I did anything wrong is the fact that I don't have any combo of USERID/cryptedPASSWORD in the secret .staccess file. And still everything works fine.

In the Administrative Settings for Sentinel i have the following:
Admin Auth: Admin HTTPAuth
htaccess path: correct path added here
left empty the staccess path for CGIAuth Setup

i can log into my admin-section without any problem. first the password check with the password that i initially had set in the Admin Auth List for my God account .... then the regular phpnuke login procedure. i suppose this is the way it is supposed to work.

although .htaccess file points with a correct path to .staccess file and should demand a password in there .... but it obviously does not. what did i do wrong?

where is the password stored then? in the database? everything works fine then ... what is the advantage of having the password in the .staccess file then?

ALSO (a small problem): i could not get this CRYPT.php script to work .... just copied the text and loaded it as [link hidden] .... but it does not generate any code .... what did i do wrong here?

THANKS IN ADVANCE FOR HINTS
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

Posted: Wed Feb 16, 2005 6:57 am

Admin Auth: Admin HTTPAuth
is not the same as CGIAuth logic wise, but is operationally. CGIAuth requires the use of .staccess but HTTPAuth uses the id/pass that is stored in the database. There is no need to use both, although you could, but it would then require 3 logins instead of 2. See if this helps: [link hidden]
 
bavarian
Posted: Wed Feb 16, 2005 7:09 am

thanks raven!

yes, i understand that there is no need to use both methods.

if i understood you correctly, i don't need the .staccess file if i use HTTPAuth ?

the link to post2950 did confuse me, so i keep my eyes off it for a while. i guess i will remove the .staccess file then and just stay with HTTPAuth which obviously seems to work fine here on my end.

does HTTPAuth need the .htaccess file then?
and if so .... what is it supposed to contain then?

i guess this part can be removed if there is no need for the secret file when using HTTPAuth
<Files .mysecretfile>
  deny from all
</Files>

SO I JUST KEEP THAT PART
but remove the line marked with the arrow
<Files admin.php>
   <Limit GET POST PUT>
      require valid-user
   </Limit>
   AuthName "Restricted"
   AuthType Basic
------>   AuthUserFile /home/USERNAME/public_html/.mysecretfile <<<<<<<---------
</Files>
 
Raven
Posted: Wed Feb 16, 2005 7:14 am

.htaccess is needed for NS to write banned IPs to, Bad Bots, Santy Worm protection, GT rewrites, etc. It is NOT needed for HTTPAuth as that is a function of the HTTP protocol and the browser invokes it. You can remove

<Files .mysecretfile>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted"
AuthType Basic
AuthUserFile /home/USERNAME/public_html/.mysecretfile
</Files>
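
The difference Raven describes, as an added example that is not part of the original thread and is not NukeSentinel's code: a PHP-level HTTP Basic check, where the script itself sends the challenge and compares the browser's answer with a stored credential, so no `AuthUserFile` directive is involved. The function name `httpAuthGate`, the `$adminAuth` array standing in for the database table, and the use of `password_hash` are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the admin auth table in the database. The hash is
// generated at run time so nothing here is a real credential.
$adminAuth = ['god' => password_hash('constructed-demo-pass', PASSWORD_DEFAULT)];

/**
 * Decide how to answer one request, given a $_SERVER-style array.
 * Returns [status code, challenge header or null].
 */
function httpAuthGate(array $server, array $adminAuth): array
{
    $challenge = 'WWW-Authenticate: Basic realm="Restricted"';
    $user = $server['PHP_AUTH_USER'] ?? null;
    $pass = $server['PHP_AUTH_PW'] ?? null;

    // No credentials yet: answer 401 so the browser shows its login prompt.
    if (!is_string($user) || !is_string($pass)) {
        return [401, $challenge];
    }

    // Verify against a throwaway hash for unknown users so both failure
    // paths do the same amount of work.
    static $dummy = null;
    $dummy ??= password_hash('unused', PASSWORD_DEFAULT);
    $known = isset($adminAuth[$user]);
    $ok = password_verify($pass, $known ? $adminAuth[$user] : $dummy);

    return ($known && $ok) ? [200, null] : [401, $challenge];
}

// Constructed requests: first visit, wrong password, correct password.
$requests = [
    [],
    ['PHP_AUTH_USER' => 'god', 'PHP_AUTH_PW' => 'guess'],
    ['PHP_AUTH_USER' => 'god', 'PHP_AUTH_PW' => 'constructed-demo-pass'],
];
foreach ($requests as $server) {
    [$status, $header] = httpAuthGate($server, $adminAuth);
    echo $status, ' ', $header ?? '(admin.php continues to the normal login)', PHP_EOL;
}
```

On a live page the caller would send the returned status with `http_response_code()` and the challenge with `header()`, then stop before any admin output.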
 
bavarian
Posted: Wed Feb 16, 2005 7:43 am

ok ... thanks for all that useful help !

so .htaccess can in my case be completely empty to start with

THANKS AGAIN !
 
Raven
Posted: Wed Feb 16, 2005 8:08 am

Yes.
 
luri
New Member


Joined: Mar 11, 2005
Posts: 2

Posted: Fri Mar 11, 2005 2:04 pm

well, first of all, forgive my 'newbeness' and, probably, my English. The problem is that i can't get sentinel to effectively ban an IP. I have tried a UNION attack on my own site and i get the sentinel page informing that the ip has been blocked, i get an e-mail telling me the ip has been blocked, and i can see the ip in the blocked list BUT i can access from that ip normally to my site. Am I doing something wrong or missing anything? I'm running nS 2.2.0, on an IIS 5.1 server. Thanks in advance.
 
luri
Posted: Fri Mar 11, 2005 2:38 pm

Ok, I'll answer myself, in case it's useful for anyone:
I had this in nukesentinel.php:

Code:
// Check if ip is blocked


$blocked_row = abget_blocked($nsnst_const['$remote_ip']);
if($blocked_row) { blocked($blocked_row); }


More or less obviously, this should have read:

Code:
// Check if ip is blocked


$blocked_row = abget_blocked($nsnst_const['remote_ip']);
if($blocked_row) { blocked($blocked_row); }


Note there's no $ before remote_ip

Why i had this file wrong, i don't know.
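
Why the stray `$` let a banned address through, as an added example that is not part of the original post and is not NukeSentinel's code: in PHP a single-quoted string is never interpolated, so `'$remote_ip'` is a literal key that does not exist, the lookup receives null, and the check fails open. `findBan` and `enforceBan` are hypothetical stand-ins for `abget_blocked()` and the surrounding check, and the addresses and ban reason are constructed.

```php
<?php
declare(strict_types=1);

// Constructed sample data: a ban list and the constants array that holds the
// visitor's address. Addresses come from a documentation range.
$banned = ['203.0.113.7' => 'UNION attack'];
$nsnst_const = ['remote_ip' => '203.0.113.7'];

// Hypothetical stand-in for abget_blocked(): ban reason, or null if no match.
function findBan(array $banned, ?string $ip): ?string
{
    return ($ip !== null && isset($banned[$ip])) ? $banned[$ip] : null;
}

// Buggy form: the key is the literal text $remote_ip, which is not in the
// array. "?? null" stands in for a server that does not display notices.
$buggyIp = $nsnst_const['$remote_ip'] ?? null;
// Fixed form from the post: the key is remote_ip.
$fixedIp = $nsnst_const['remote_ip'] ?? null;

echo 'buggy key -> ', findBan($banned, $buggyIp) ?? 'no ban found, visitor let in', PHP_EOL;
echo 'fixed key -> ', findBan($banned, $fixedIp) ?? 'no ban found, visitor let in', PHP_EOL;

// Fail-closed variant (an assumption, not how NukeSentinel is written): a
// missing or malformed client address is refused instead of being treated as
// "not banned", so a typo like the one above surfaces on the first request.
function enforceBan(array $banned, array $const): string
{
    $ip = $const['remote_ip'] ?? null;
    if (!is_string($ip) || filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return 'deny: client address unavailable';
    }
    $reason = findBan($banned, $ip);
    return $reason === null ? 'allow' : 'deny: ' . $reason;
}

echo 'banned visitor  -> ', enforceBan($banned, $nsnst_const), PHP_EOL;
echo 'unknown visitor -> ', enforceBan($banned, ['remote_ip' => '198.51.100.20']), PHP_EOL;
echo 'address missing -> ', enforceBan($banned, []), PHP_EOL;
```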
 
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

Posted: Fri Mar 11, 2005 5:06 pm

I'll patch the downloads for this. I test and test but I don't catch everything

_________________
Bob Marion
Codito Ergo Sum
manunkind
Client


Joined: Apr 26, 2004
Posts: 368
Location: Albuquerque, NM

Posted: Fri Mar 11, 2005 6:13 pm

So if we already downloaded this, should we all replace this code, Bob or Raven? This is a guaranteed bug and should be fixed?
 
BobMarion
Posted: Fri Mar 11, 2005 10:28 pm

Check for it first, if you don't have the $ then you're fine; if you do, remove the $ from that part
 
All times are GMT - 6 Hours
 