Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
djrino
Regular
Regular


Joined: Mar 11, 2005
Posts: 52

PostPosted: Fri Apr 01, 2005 2:14 pm Reply with quote

Hi.
How test if sentinel 2.2.0 is correctly configured?

And how test if really block the intruders attack?

I can test it myself.

some way or some files that if says to you if is installed correctly?
Many tnx
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sat Apr 02, 2005 10:16 pm Reply with quote

Assuming you have configured to have Union blocking on, try this. I didn't test it but I don't want to show a real type attack to give anyone ideas. This should be enough to test it.
Code:
http://yourdomain.com/modules.php?name=Your_Account&/**/union/**/


Last edited by Raven on Mon Jan 30, 2006 7:14 am; edited 2 times in total 
View user's profile Send private message
hero
New Member
New Member


Joined: Oct 08, 2005
Posts: 4

PostPosted: Sat Oct 08, 2005 8:43 pm Reply with quote

Well I used that code to test my site and guess what I banned myself . And it took me few hours to figure out how to unban myself D:
 
View user's profile Send private message
Raven
PostPosted: Sat Oct 08, 2005 10:14 pm Reply with quote

The first sticky in the forum ROTFL Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login!


Last edited by Raven on Mon Jan 30, 2006 7:15 am; edited 2 times in total 
protostab
New Member
New Member


Joined: Jan 29, 2006
Posts: 4

PostPosted: Sun Jan 29, 2006 8:56 pm Reply with quote

So I used the above code to verify that I installed Nuke Sentinel correctly. I got the "You have been blocked from entering this site.", so I think, great!!! I have it installed correctly. Smile So I started to go to my htaccess file to delete the IP address ( I have it set for wide open (777)), no IP was written so I went back to my site and was not blocked.

My .htaccess file code:
Code:
Options All -Indexes

DirectoryIndex index.php index.htm index.html

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .ftaccess>
  deny from all
</Files>

<Files .staccess>
  deny from all
</Files>

# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------


I have Admin Auth: set to Admin HTTPAuth
htaccess file path correct
no staccess file

Any chance you know how I can enter
Code:
http://yourdomain.com/modules.php?name=Your_Account&/**/union/**/

it say i'm banned, but I'm actually not? Why would it not write the ip to the file and NukeSentinel(tm): Display Blocked IP's were not shown.

PHP-Nuke-7.8
NukeSentinel_242_71-79

Any other information needed?
 
View user's profile Send private message
Raven
PostPosted: Sun Jan 29, 2006 11:54 pm Reply with quote

Look in your Blocker Configuration. Do you have that particluar block set to write to .htaccess? Also, if you have yourself as admin protected when you tested this, it won't write to .htaccess. That's part of the protection Wink


Last edited by Raven on Mon Jan 30, 2006 7:13 am; edited 1 time in total 
protostab
PostPosted: Mon Jan 30, 2006 5:22 am Reply with quote

Thanks Raven, I looked in the B.C. and I didn't have that selected. I also had myself protected. So I went back in, setup the the B.C. settings to my liking and unprotected myself, still no luck blocking myself. I may try from work to see how that goes.

Any other options?

I had N.S. on a website a few years ago and got it setup and running with no problems, this time it's wanting to smack me around. Smile

Thanks!!!
Proto
 
protostab
PostPosted: Mon Jan 30, 2006 6:59 am Reply with quote

I believe that worked. I went to the site, didn't login, tried to access
Code:
http://yourdomain.com/modules.php?name=Your_Account&/**/union/**/
got the "You have been blocked from entering this site.", now I can go to the home page to view it, but cannot go to any of the modules (ex. forums, downloads, or etc.).

Quote:
Forbidden
You don't have permission to access /******/html/modules.php on this server.


I'm guessing I can change a setting to bring up the N.S. default page under the Block Config. for "Union" (email, block, default).

I can't check my htaccess file from work, so it will have to wait until I get home.

Should I activate all the "Block Config" settings?

I'll keep you informed.

Thanks for all of your work!
 
protostab
PostPosted: Mon Jan 30, 2006 7:10 am Reply with quote

Now I get this when I go to my site

Quote:
Forbidden
You don't have permission to access /******/html/modules.php on this server.


Seems like everything is working correctly, besides it showing the N.S. Default blocked page, but it seems safe!!!

So I'm guessing since I can't access the site, it has written the IP to the htaccess file or could it have only written it to the database? (remember, I can't access my htaccess from work)

Thanks,
 
Jakeonline
New Member
New Member


Joined: Feb 13, 2006
Posts: 4

PostPosted: Tue Feb 14, 2006 2:56 am Reply with quote

Hello,

i have the same problem. i use PHP-Nuke-7.6.0.3.1c-SE with NukeSentinel_242pl4

SN seems to work. it tracks ip's, shows me what they did but it's not possible to get a perm ban written. i tried the same thing, logged out, got a new ip, used another browser and tried the Only registered users can see links on this board! Get registered or login! on my page. i got a perm ban on my window (the black thing saying you are perm banned) , but i was able to go everywhere after that on my page.

Next i entered manualy my ip to the blocked ip's - that worked fine, it was written in the .htacces so i wasnt even able to get the black thingy. i deleted after that the deny ip entry from the .htaccess i was still banned with showing the black thingy. made a new ip again, deleted the manual block and everything ok.

what could be wrong on my server, that SN don't write perm bans by itself? i checked it twice, that i enabled every blocker (without flooding, that makes only problems, 3 clicks and you get the perm ban window) and also enabled the "write to .htaccess. i also opened the mysql database to see that it's really activated.

my .htaccess looks like

Quote:
# -------------------------------------------
# Start of NukeSentinel(tm) xxx123.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files xxx123.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /***************/public_html/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) xxx123.php Auth
# ---------------------


i use a different name then admin.php - the path to staccess is correct, the .htaccess auth is working. running apache2 with php as fcgi


and beside this, i do have decrypted pw's in my logs from SN. so i can see everyones pw, what i really don't want/need (sry, for the bad english, if i wrote to stupid things)

greets Jakeonline
 
View user's profile Send private message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Thu Mar 02, 2006 8:08 am Reply with quote

Quote:
what could be wrong on my server, that SN don't write perm bans by itself?


I couldn´t reproduce all his problems. Therefore an answer would be really great. Rolling Eyes
 
View user's profile Send private message
Raven
PostPosted: Thu Mar 02, 2006 10:02 am Reply with quote

protostab wrote:
Now I get this when I go to my site

Quote:
Forbidden
You don't have permission to access /******/html/modules.php on this server.


Seems like everything is working correctly, besides it showing the N.S. Default blocked page, but it seems safe!!!

So I'm guessing since I can't access the site, it has written the IP to the htaccess file or could it have only written it to the database? (remember, I can't access my htaccess from work)

Thanks,

Did you ever confirm that .htaccess was being written to?
 
Raven
PostPosted: Thu Mar 02, 2006 10:03 am Reply with quote

Susann wrote:
Quote:
what could be wrong on my server, that SN don't write perm bans by itself?


I couldn´t reproduce all his problems. Therefore an answer would be really great. Rolling Eyes

You say you couldn't reproduce - How can I answer it? I can't reproduce it.
 
Jakeonline
PostPosted: Thu Mar 02, 2006 10:49 am Reply with quote

As is wrote:

I can add a perm ban using the add ip menu from sentinel. The ip is written into the .htaccess then. I have also on every blocker the confirmation to write into .htaccess with choosing "Yes" I also have the free row in the .htaccess

It cant be a chmod problem, i wouldn't be able to add an ip ban using the sentinel admin menu then.

I also tried it twice to install sentinel from the scratch - i also tried to open each file on linux, saveed it, tar everything, and untar it on the server - so for 110% it can't be an upload problem with corrupt files.
 
Raven
PostPosted: Thu Mar 02, 2006 11:21 am Reply with quote

Jakeonline,

What is PHP-Nuke-7.6.0.3.1c-SE?

Also, were you having this problem before applying the pl4 ?
 
Jakeonline
PostPosted: Thu Mar 02, 2006 3:35 pm Reply with quote

I downloaded it from Only registered users can see links on this board! Get registered or login!

It's called PHP-Nuke 7.6 - 3.1c - Special Edition

They also have an official support for sentinel in german, so i think it can't be wrong to use the phpnuke version from their side. It is a clean install - no phpnuke version before on that server and never had sentinel running before on an other server. Everything - sentinel and phpnuke on that server running the first time.
 
Susann
PostPosted: Thu Mar 02, 2006 4:03 pm Reply with quote

This edition was made by A.D. As I know it´s a standard Nuke 7.6 with 2.0.19 forum incl. 4 differents Mods. I´ ve never used this version but I don´t think that´s the reason for your problem.
 
Jakeonline
PostPosted: Sat Mar 04, 2006 11:23 pm Reply with quote

Ok,

after reinstalling again and all the things i wrote i was getting crazy, because i thought im not that "n00b" in installing scripts on my server. I read some posts again on this Forum and stopped at this post from you Raven:

Quote:
Under NukeSentinel Configuration, for each type of block there are 2 settings:

Activate and Write to .htaccess. Make sure that the Activate option includes the 'Block' and that write to .htaccess is set to 'Yes'. Make sure the .htaccess permissions are 666 or 777.


I checked my configuration again and i started to wonder what it means "activate and write to .htaccess" - in the german Version it starts on the activation row with "aus" wich means "off" - well, i turned everything to "send email to administrator" wich means in my eys its on. The next row in the german version is "write to .htaccess" with the options "enable" or "disable" - i turned it to "enable"

so - what i wanna say with this long text in crappy english is, i "activated ns with choosing "send email" and enable to write into .htaccess

b u t

this seems to be wrong. maybe it is a bug in ns or it is really missunderstanding for users like me: in the activating row you have also the option "send email, block, show default page"
For me, as user, its clear that when i choose "enable to write in .htaccess" the user will be blocked (the page is telling that) and it is written into the .htaccess, because i enabled it.

The solution for me was to use it "doubled" - in the activating row "send email, block, show default page" AND "enable to write in .htaccess" - i wonder by myself, why there is a row with "enable to write in .htaccess" when it is not writing into that file unless you choosed the correct row in the activating. It would be better to automatic enable to write into the .htaccess file, when it is chossen in the activating row.

So finally this nice and helpful script is working now for me.
 
Satch
New Member
New Member


Joined: Mar 05, 2006
Posts: 16

PostPosted: Sun Mar 05, 2006 9:42 pm Reply with quote

I've got the same problem. I tried Only registered users can see links on this board! Get registered or login! and get the black screen but it isn't written into the db or .htaccess. About the only thing I noticed is that in the write_ban function in includes/nukesentinel.php, the value of $blocker_row['activate'] is 1 so it will always by pass the insert to db. Any suggestions? I've got adminsecure installed, would that and fortress be secure enough if I can't get sentinel to work?

Thanks,

Satch
 
View user's profile Send private message
Raven
PostPosted: Mon Mar 06, 2006 12:14 am Reply with quote

You should not be combining these applications as they will step on each other. You definitely don't need Fortress and adminsecure is pretty much redundant in some ways.
 
bugsTHoR
Involved
Involved


Joined: Apr 05, 2006
Posts: 261

PostPosted: Sun Apr 23, 2006 11:37 am Reply with quote

i got banned and redirect to the you have been banned page

i went htaccess not there but was in the PHPMYADMIN
in the NSNST_BLOCKED_IP running 7.6 2.20.2 wicked thx Raven mysql 5, 2.4.2
with 2.0.19

so u know that version and configuration works , maybe you should let peeps do this

so you can make topic on each vesion and setup has problems mho

thats all roger out

_________________
Only registered users can see links on this board! Get registered or login! LUV RAVEN DISTROBUTION BEBE

Clanthemes.com are great (free advertisements for now until i get to 20,000 posts LoL) 
View user's profile Send private message Visit poster's website
Raven
PostPosted: Sun Apr 23, 2006 3:30 pm Reply with quote

You have totally confused me with you post. What are you trying to say?
 
bugsTHoR
PostPosted: Sun Apr 23, 2006 3:37 pm Reply with quote

I tried your link to test nuke sentinel using , it banned as it should. Very Happy

That is what this topic is about is it not?

why the confusion Raven
 
Raven
PostPosted: Sun Apr 23, 2006 4:03 pm Reply with quote

Sorry, I just didn't understand the way you worded your post. I couldn't tell if you had a problem or not.
 
bugsTHoR
PostPosted: Tue Apr 25, 2006 6:46 am Reply with quote

sry raven i will try to be more clear next time
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©