changed admin file getting forbidden to approve articles

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

Ever since I changed the admin file name, also in the config.php, I have not been able to approve articles. Getting:

Forbidden

Referred From : (new admin file)
Your IP : x.x.x.x
The Page Requested: /(new admin file)
Agent : my browser
Redirect Status : 403

Raven · Posted: Fri Feb 20, 2009 3:23 am

Change it back - seriously. It does no good anyway. No real security. Symbolism without substance Wink

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

OK, I changed it back but I'm still getting the forbidden error. Earlier I posted that my authors table in my database was removed so I manually added it back in and then created the god account again. Could this have something to do with it?

The forbidden page is the following: /admin.php?op=DisplayStory&qid=38

Either preview or post, same error.

fkelly · Posted: Fri Feb 20, 2009 10:32 am

How was the authors table removed and how did you manually add it back in? Can you carry out other admin functions ... for instance when logged in as your God admin can you go into edit admins and add a new admin? That would tell us whether your authors table is corrupt or not.

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

I was able to add another admin and it does show my account as the god account. I'm not sure how the table was removed, I believe it was some kind of hack.

slackervaara · Worker Joined: Aug 26, 2007 Posts: 234

You can protect your admin.php via .htaccess, so only your ip-address can access it. It is good if hackers gets the password and username, because they don't have much use of it then.

<Files "admin.php">
Order allow,deny
Allow from xx.xx.xxx.xxx
Allow from xx.xx.xx.
Allow from xx.xx.
</Files>

This also protects all admin.php of your site.

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

My hosting company upgraded php to 4.4.9. They said to add this handler in my htaccess file:

AddHandler php-script .php .php3 .php4 .htm .html .phtml

which I did because I have htm/html files with php lines. Can anyone help?

Palbin · Posted: Wed Feb 25, 2009 11:33 am

onnig wrote:

My hosting company upgraded php to 4.4.9.

Not sure how they can even call that an upgrade.

Sorry I had to. killing me

montego · Posted: Wed Feb 25, 2009 6:30 pm

Ok, since you have changed the name of your admin file back to admin.php, the original error message doesn't help much. Please post back the full text of the error message that you are getting now.

I suspect you may be missing some files or other tables. If you were hacked, as you suggest that you might have been, then who knows what could have been compromised.

Also, what CMS are you running and version?

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

Here's the entire error:

Forbidden

Referred From :

Only registered users can see links on this board!
Get registered or login to the forums!

Your IP : (my ip)
The Page Requested: /admin.php
Agent : Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.2)
Redirect Status : 403

Current CMS: RavenNuke 022001, Nuke Sentinel 2.6.01

montego · Posted: Thu Feb 26, 2009 5:58 am

Ok, couple things to try / look into:

1) Does it happen with all other news articles or is there something about this one only?

2) It may be something you have added to your .htaccess file that is doing the redirect?

3) Try it with FireFox too (and without any active plug-ins) just to rule out client-side issues.

4) Make sure all of your files were uploaded using a good FTP client, such as FileZilla (free from sourceforge.net) and if your target server is Linux, upload in binary mode.

montego · Posted: Thu Feb 26, 2009 6:00 am

Just thought of something else that might be even more possible. When you were going through changing the name of the admin.php file, had you, by chance, made any hard-coded changes to scripts - like with ones that didn't recognize the new name because of poor/old coding - that maybe you need to change back?

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

montego wrote:

Ok, couple things to try / look into:

1) Does it happen with all other news articles or is there something about this one only?

2) It may be something you have added to your .htaccess file that is doing the redirect?

3) Try it with FireFox too (and without any active plug-ins) just to rule out client-side issues.

4) Make sure all of your files were uploaded using a good FTP client, such as FileZilla (free from sourceforge.net) and if your target server is Linux, upload in binary mode.

Your line of questioning actually led me down the right path here. I shortened the article, it wasn't too long I think but then it took, no forbidden error. Is there an area where I can increase the size of articles? Is there a limit somewhere?

slackervaara · Worker Joined: Aug 26, 2007 Posts: 234

Did you have the word union in the text? This can cause blocking or that you just is throwed back to the index page.

Raven · Posted: Fri Feb 27, 2009 1:01 am

slackervaara,

Good thought Idea

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

slackervaara wrote:

Did you have the word union in the text? This can cause blocking or that you just is throwed back to the index page.

I narrowed it down to this one sentence:

Quote:

This fits into the cultic mold where only a few select can interpret the Word of God or have other documents purported to also come from God.

This is really weird because if I remove the word "from" at the end of the sentence and ad the word "by" then it works just fine.

Can anyone tell me why this is happening?

Raven · Posted: Fri Feb 27, 2009 4:33 am

Articles can have a max of 65,535 characters unless you are using double byte then it is reduced byi more for every db character. Is it possible your article is that long? But even if it was you shouldn't be getting a 403 error. Can you load the full article into a .txt file and print the url so that I can download it?

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

Raven wrote:

Articles can have a max of 65,535 characters unless you are using double byte then it is reduced byi more for every db character. Is it possible your article is that long? But even if it was you shouldn't be getting a 403 error. Can you load the full article into a .txt file and print the url so that I can download it?

No, its not that long. I've posted much longer articles than this one. Here is the link to the txt file:

Only registered users can see links on this board!
Get registered or login to the forums!

Thanks!

Raven · Posted: Fri Feb 27, 2009 6:02 pm

Ok, I have it and will see what I can dig up. Btw, that's a most excellent article and a great presentation of the only way to salvation through Jesus Christ Wink

. I'll get back to you if/when I find anything.

onnig · Hangin' Around Joined: Jun 15, 2006 Posts: 36

Raven wrote:

Ok, I have it and will see what I can dig up. Btw, that's a most excellent article and a great presentation of the only way to salvation through Jesus Christ Wink

. I'll get back to you if/when I find anything.

Thanks Raven!

Raven · Posted: Sat Feb 28, 2009 2:24 am

I just saw that you are running v2.20.01 which is not current. I just tested the article under the latest version (v2.30.01) and it works as it should. You can verify this by submitting the story at

Only registered users can see links on this board!
Get registered or login to the forums!

evaders99 · Posted: Sat Feb 28, 2009 2:28 pm

One too many .coms there Raven Smile

Raven · Posted: Sat Feb 28, 2009 2:45 pm

evaders99, Thanks!