401 error

registered · Posted: Tue Feb 22, 2005 3:14 am

i've uploaded all files and when i'm trying to login to admin.php i'm getting a 401 error

Code:

This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.





Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

and it doesn't appear the common admin.php login block but the pop up window that i use to login into the cpanel my server uses. any suggestions ?

Posted: Tue Feb 22, 2005 12:07 pm

i haven't install sentinel yet because i can't login to admin.php if this is helpful

Posted: Tue Feb 22, 2005 12:18 pm

Start over but don't upload the htaccess changes until you have the install completed.

Posted: Tue Feb 22, 2005 12:30 pm

only the htaccess or should i recover mainfile too ?

Posted: Tue Feb 22, 2005 2:51 pm

The htaccess is probably the only issue. Once you have the rest running smoothly setup the admin Auth protection.

Posted: Wed Feb 23, 2005 2:47 am

well, i replaced htaccess , installed sentinel , didn't make any changes to the default settings just activated the scrolling sentinel block. when i'm trying to log in as administrator i face the same problem again. would it be vulnerable to have htaccess to default ?

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Did it work before you installed NukeSentinel?

Posted: Wed Feb 23, 2005 3:03 am

yes when i brought htaccess to default i could log in as administrator and do anything.

Posted: Wed Feb 23, 2005 3:07 am

toyotaTRD wrote:

yes when i brought htaccess to default i could log in as administrator and do anything.

i mean that when i uploaded the modified htaccess for the first time i had that problem. after the replacement with the default everything was fine. but when i uploaded again the modified htaccess the problem appeared again

Posted: Wed Feb 23, 2005 7:36 am

Please posy the .htaccess here. Thanks.

Posted: Wed Feb 23, 2005 8:26 am

well here it is :

Code:

Options All -Indexes


DirectoryIndex index.php index.htm index.html





# -------------------------------------------


# Start of NukeSentinel(tm) admin.php Auth


# -------------------------------------------


<Files .staccess>


  deny from all


</Files>





<Files admin.php>


   <Limit GET POST PUT>


      require valid-user


   </Limit>


   AuthName "Restricted"


   AuthType Basic


   AuthUserFile /path/to/your/.staccess


</Files>





# -------------------------------------------


# Start of NukeSentinel(tm) DENY FROM area


# -------------------------------------------

Posted: Wed Feb 23, 2005 8:40 am

You have to change this:
AuthUserFile /path/to/your/.staccess

To a real address. You only need to use this sample.htaccess IF you have to use CGIAuth . If not, delete it and use HTTPAuth.

Posted: Wed Feb 23, 2005 8:47 am

mmm.. my server uses apache. so you are telling me touse my original .htaccess and enable httpauth from sentinel admin ?

Posted: Wed Feb 23, 2005 8:56 am

Yep. Apache is the only Web Server that uses .htaccess so that's a given Smile

Posted: Wed Feb 23, 2005 8:59 am

thanks for the help man!

Posted: Thu Feb 24, 2005 4:24 am

i've fixed that but i cannot edit my admins, in fact i cannot click that selection. the same is happening with httpauth

Posted: Thu Feb 24, 2005 9:40 am

the link admin.php?op=ABAuthList leads me to the default sentinel administration. how can i edit my admins ?

Posted: Thu Feb 24, 2005 11:15 am

Try this in your includes/sentinel.php find: function is_god($admin) {
Look for:

Code:




    //if((strtolower($admrow['name']) == "god" OR $admrow['radminsuper'] == 1) AND $admrow['pwd']==$apwd) { return 1; }


    if(strtolower($admrow['name']) == "god" AND $admrow['pwd']==$apwd) { return 1; }

Change it to:

Code:




    if((strtolower($admrow['name']) == "god" OR $admrow['radminsuper'] == 1) AND $admrow['pwd']==$apwd) { return 1; }


    //if(strtolower($admrow['name']) == "god" AND $admrow['pwd']==$apwd) { return 1; }

Posted: Fri Feb 25, 2005 8:54 am

it gives me an error :

Code:

Warning: main(defaults/config.php): failed to open stream: No such file or directory in /home/toyotatr/public_html/includes/sentinel.php on line 46





Fatal error: main(): Failed opening required 'defaults/config.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/toyotatr/public_html/includes/sentinel.php on line 46

Posted: Mon Feb 28, 2005 3:00 am

if i activate all protections will i face any problems? i mean without doing the above changes

Posted: Mon Feb 28, 2005 8:01 am

Really its the most important of all the protections. So yes I'd keep working to find the problem.

Are you getting errors now?

Posted: Mon Feb 28, 2005 8:23 am

always. in fact my site doesn't load to index.php i get only the error.

Posted: Mon Feb 28, 2005 8:58 am

Ok first get the includes/sentinel.php out of the install package you downloaded and upload it over the one you edited. (I think there may be some error originating there)

Then lets see where you are after that again.

Posted: Mon Feb 28, 2005 9:11 am

without the changes ? i'll try

Posted: Mon Feb 28, 2005 9:17 am

Yes we will treat the admin problem as a seperate issue. You are not the only one who is experiencing this so there must be some underlying problem with your admin table or function. The other person is using a fairly out of date phpnuke version. What version are you using?