| Author |
Message |
djrino
Regular
Joined: Mar 11, 2005
Posts: 52
|
 Posted:
Fri Apr 01, 2005 2:14 pm |
 
|
Hi.
How test if sentinel 2.2.0 is correctly configured?
And how test if really block the intruders attack?
I can test it myself.
some way or some files that if says to you if is installed correctly?
Many tnx |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Sat Apr 02, 2005 10:16 pm |
|
Assuming you have configured to have Union blocking on, try this. I didn't test it but I don't want to show a real type attack to give anyone ideas. This should be enough to test it.
| Code: | | http://yourdomain.com/modules.php?name=Your_Account&/**/union/**/ |
|
Last edited by Raven on Mon Jan 30, 2006 7:14 am; edited 2 times in total |
|
  
|
|
hero
New Member
Joined: Oct 08, 2005
Posts: 4
|
| Posted:
Sat Oct 08, 2005 8:43 pm |
|
Well I used that code to test my site and guess what I banned myself . And it took me few hours to figure out how to unban myself D: |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Sat Oct 08, 2005 10:14 pm |
|
The first sticky in the forum 
|
Last edited by Raven on Mon Jan 30, 2006 7:15 am; edited 2 times in total |
|
|
|
|
protostab
New Member
Joined: Jan 29, 2006
Posts: 4
|
| Posted:
Sun Jan 29, 2006 8:56 pm |
|
So I used the above code to verify that I installed Nuke Sentinel correctly. I got the "You have been blocked from entering this site.", so I think, great!!! I have it installed correctly.  So I started to go to my htaccess file to delete the IP address ( I have it set for wide open (777)), no IP was written so I went back to my site and was not blocked.
My .htaccess file code:
| Code: | Options All -Indexes
DirectoryIndex index.php index.htm index.html
# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .ftaccess>
deny from all
</Files>
<Files .staccess>
deny from all
</Files>
# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# ------------------------------------------- |
I have Admin Auth: set to Admin HTTPAuth
htaccess file path correct
no staccess file
Any chance you know how I can enter
| Code: | | http://yourdomain.com/modules.php?name=Your_Account&/**/union/**/ |
it say i'm banned, but I'm actually not? Why would it not write the ip to the file and NukeSentinel(tm): Display Blocked IP's were not shown.
PHP-Nuke-7.8
NukeSentinel_242_71-79
Any other information needed? |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Sun Jan 29, 2006 11:54 pm |
|
Look in your Blocker Configuration. Do you have that particluar block set to write to .htaccess? Also, if you have yourself as admin protected when you tested this, it won't write to .htaccess. That's part of the protection  |
Last edited by Raven on Mon Jan 30, 2006 7:13 am; edited 1 time in total |
|
|
|
|
protostab
New Member
Joined: Jan 29, 2006
Posts: 4
|
| Posted:
Mon Jan 30, 2006 5:22 am |
|
Thanks Raven, I looked in the B.C. and I didn't have that selected. I also had myself protected. So I went back in, setup the the B.C. settings to my liking and unprotected myself, still no luck blocking myself. I may try from work to see how that goes.
Any other options?
I had N.S. on a website a few years ago and got it setup and running with no problems, this time it's wanting to smack me around.
Thanks!!!
Proto |
|
|
|
|
|
protostab
New Member
Joined: Jan 29, 2006
Posts: 4
|
| Posted:
Mon Jan 30, 2006 6:59 am |
|
I believe that worked. I went to the site, didn't login, tried to access | Code: | | http://yourdomain.com/modules.php?name=Your_Account&/**/union/**/ |
got the "You have been blocked from entering this site.", now I can go to the home page to view it, but cannot go to any of the modules (ex. forums, downloads, or etc.).
| Quote: | Forbidden
You don't have permission to access /******/html/modules.php on this server. |
I'm guessing I can change a setting to bring up the N.S. default page under the Block Config. for "Union" (email, block, default).
I can't check my htaccess file from work, so it will have to wait until I get home.
Should I activate all the "Block Config" settings?
I'll keep you informed.
Thanks for all of your work! |
|
|
|
|
|
protostab
New Member
Joined: Jan 29, 2006
Posts: 4
|
| Posted:
Mon Jan 30, 2006 7:10 am |
|
Now I get this when I go to my site
| Quote: | Forbidden
You don't have permission to access /******/html/modules.php on this server. |
Seems like everything is working correctly, besides it showing the N.S. Default blocked page, but it seems safe!!!
So I'm guessing since I can't access the site, it has written the IP to the htaccess file or could it have only written it to the database? (remember, I can't access my htaccess from work)
Thanks, |
|
|
|
|
|
Jakeonline
New Member
Joined: Feb 13, 2006
Posts: 4
|
| Posted:
Tue Feb 14, 2006 2:56 am |
|
Hello,
i have the same problem. i use PHP-Nuke-7.6.0.3.1c-SE with NukeSentinel_242pl4
SN seems to work. it tracks ip's, shows me what they did but it's not possible to get a perm ban written. i tried the same thing, logged out, got a new ip, used another browser and tried the on my page. i got a perm ban on my window (the black thing saying you are perm banned) , but i was able to go everywhere after that on my page.
Next i entered manualy my ip to the blocked ip's - that worked fine, it was written in the .htacces so i wasnt even able to get the black thingy. i deleted after that the deny ip entry from the .htaccess i was still banned with showing the black thingy. made a new ip again, deleted the manual block and everything ok.
what could be wrong on my server, that SN don't write perm bans by itself? i checked it twice, that i enabled every blocker (without flooding, that makes only problems, 3 clicks and you get the perm ban window) and also enabled the "write to .htaccess. i also opened the mysql database to see that it's really activated.
my .htaccess looks like
| Quote: | # -------------------------------------------
# Start of NukeSentinel(tm) xxx123.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>
<Files xxx123.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /***************/public_html/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) xxx123.php Auth
# --------------------- |
i use a different name then admin.php - the path to staccess is correct, the .htaccess auth is working. running apache2 with php as fcgi
and beside this, i do have decrypted pw's in my logs from SN. so i can see everyones pw, what i really don't want/need (sry, for the bad english, if i wrote to stupid things)
greets Jakeonline |
|
|
|
|
|
Susann
Moderator
Joined: Dec 19, 2004
Posts: 3143
Location: Germany:Moderator German NukeSentinel Support
|
| Posted:
Thu Mar 02, 2006 8:08 am |
|
| Quote: | | what could be wrong on my server, that SN don't write perm bans by itself? |
I couldnīt reproduce all his problems. Therefore an answer would be really great.  |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Thu Mar 02, 2006 10:02 am |
|
| protostab wrote: | Now I get this when I go to my site
| Quote: | Forbidden
You don't have permission to access /******/html/modules.php on this server. |
Seems like everything is working correctly, besides it showing the N.S. Default blocked page, but it seems safe!!!
So I'm guessing since I can't access the site, it has written the IP to the htaccess file or could it have only written it to the database? (remember, I can't access my htaccess from work)
Thanks, |
Did you ever confirm that .htaccess was being written to? |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Thu Mar 02, 2006 10:03 am |
|
| Susann wrote: | | Quote: | | what could be wrong on my server, that SN don't write perm bans by itself? |
I couldnīt reproduce all his problems. Therefore an answer would be really great. |
You say you couldn't reproduce - How can I answer it? I can't reproduce it. |
|
|
|
|
|
Jakeonline
New Member
Joined: Feb 13, 2006
Posts: 4
|
| Posted:
Thu Mar 02, 2006 10:49 am |
|
As is wrote:
I can add a perm ban using the add ip menu from sentinel. The ip is written into the .htaccess then. I have also on every blocker the confirmation to write into .htaccess with choosing "Yes" I also have the free row in the .htaccess
It cant be a chmod problem, i wouldn't be able to add an ip ban using the sentinel admin menu then.
I also tried it twice to install sentinel from the scratch - i also tried to open each file on linux, saveed it, tar everything, and untar it on the server - so for 110% it can't be an upload problem with corrupt files. |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Thu Mar 02, 2006 11:21 am |
|
Jakeonline,
What is PHP-Nuke-7.6.0.3.1c-SE?
Also, were you having this problem before applying the pl4 ? |
|
|
|
|
|
Jakeonline
New Member
Joined: Feb 13, 2006
Posts: 4
|
| Posted:
Thu Mar 02, 2006 3:35 pm |
|
I downloaded it from
It's called PHP-Nuke 7.6 - 3.1c - Special Edition
They also have an official support for sentinel in german, so i think it can't be wrong to use the phpnuke version from their side. It is a clean install - no phpnuke version before on that server and never had sentinel running before on an other server. Everything - sentinel and phpnuke on that server running the first time. |
|
|
|
|
|
Susann
Moderator
Joined: Dec 19, 2004
Posts: 3143
Location: Germany:Moderator German NukeSentinel Support
|
| Posted:
Thu Mar 02, 2006 4:03 pm |
|
This edition was made by A.D. As I know itīs a standard Nuke 7.6 with 2.0.19 forum incl. 4 differents Mods. Iī ve never used this version but I donīt think thatīs the reason for your problem. |
|
|
|
|
|
Jakeonline
New Member
Joined: Feb 13, 2006
Posts: 4
|
| Posted:
Sat Mar 04, 2006 11:23 pm |
|
Ok,
after reinstalling again and all the things i wrote i was getting crazy, because i thought im not that "n00b" in installing scripts on my server. I read some posts again on this Forum and stopped at this post from you Raven:
| Quote: | Under NukeSentinel Configuration, for each type of block there are 2 settings:
Activate and Write to .htaccess. Make sure that the Activate option includes the 'Block' and that write to .htaccess is set to 'Yes'. Make sure the .htaccess permissions are 666 or 777. |
I checked my configuration again and i started to wonder what it means "activate and write to .htaccess" - in the german Version it starts on the activation row with "aus" wich means "off" - well, i turned everything to "send email to administrator" wich means in my eys its on. The next row in the german version is "write to .htaccess" with the options "enable" or "disable" - i turned it to "enable"
so - what i wanna say with this long text in crappy english is, i "activated ns with choosing "send email" and enable to write into .htaccess
b u t
this seems to be wrong. maybe it is a bug in ns or it is really missunderstanding for users like me: in the activating row you have also the option "send email, block, show default page"
For me, as user, its clear that when i choose "enable to write in .htaccess" the user will be blocked (the page is telling that) and it is written into the .htaccess, because i enabled it.
The solution for me was to use it "doubled" - in the activating row "send email, block, show default page" AND "enable to write in .htaccess" - i wonder by myself, why there is a row with "enable to write in .htaccess" when it is not writing into that file unless you choosed the correct row in the activating. It would be better to automatic enable to write into the .htaccess file, when it is chossen in the activating row.
So finally this nice and helpful script is working now for me. |
|
|
|
|
|
Satch
New Member
Joined: Mar 05, 2006
Posts: 16
|
| Posted:
Sun Mar 05, 2006 9:42 pm |
|
I've got the same problem. I tried and get the black screen but it isn't written into the db or .htaccess. About the only thing I noticed is that in the write_ban function in includes/nukesentinel.php, the value of $blocker_row['activate'] is 1 so it will always by pass the insert to db. Any suggestions? I've got adminsecure installed, would that and fortress be secure enough if I can't get sentinel to work?
Thanks,
Satch |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Mon Mar 06, 2006 12:14 am |
|
You should not be combining these applications as they will step on each other. You definitely don't need Fortress and adminsecure is pretty much redundant in some ways. |
|
|
|
|
|
bugsTHoR
Involved
Joined: Apr 05, 2006
Posts: 252
|
| Posted:
Sun Apr 23, 2006 11:37 am |
|
i got banned and redirect to the you have been banned page
i went htaccess not there but was in the PHPMYADMIN
in the NSNST_BLOCKED_IP running 7.6 2.20.2 wicked thx Raven mysql 5, 2.4.2
with 2.0.19
so u know that version and configuration works , maybe you should let peeps do this
so you can make topic on each vesion and setup has problems mho
thats all roger out |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Sun Apr 23, 2006 3:30 pm |
|
You have totally confused me with you post. What are you trying to say? |
|
|
|
|
|
bugsTHoR
Involved
Joined: Apr 05, 2006
Posts: 252
|
| Posted:
Sun Apr 23, 2006 3:37 pm |
|
I tried your link to test nuke sentinel using , it banned as it should. 
That is what this topic is about is it not?
why the confusion Raven |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Sun Apr 23, 2006 4:03 pm |
|
Sorry, I just didn't understand the way you worded your post. I couldn't tell if you had a problem or not. |
|
|
|
|
|
bugsTHoR
Involved
Joined: Apr 05, 2006
Posts: 252
|
| Posted:
Tue Apr 25, 2006 6:46 am |
|
sry raven i will try to be more clear next time |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
