Setting up Admin Auth

New Member Joined: Feb 22, 2007 Posts: 6

I have Nuke Sentinel version 2.5.02.
I was trying to setup the Admin Auth: Admin CGIAuth/AdminHTTP Auth
It said that I had to enter the locations of my:
.ftaccess
.staccess
.htaccess
(So I did)

The problem is that I only have these access files.
sample.ftaccess
sample.htaccess
sample.staccess
.htaccess

So I entered the locations for .htaccess and it said:
Normally: <<path removed by admin>>/.htaccess
File does not exist or is not correctly CHMODed.

So what do I do?
I dnt mind if I have HTTP Auth or CGI Auth working, whichever is the most secure.

Posted: Thu Feb 22, 2007 9:16 am

HTTP auth is easier to setup, so if you have the option then I would use that.

Posted: Thu Feb 22, 2007 9:19 am

I should add that the .ftaccess and .staccess are for CGIAUTH and the sample files are what you would use as a base to set it up.

Posted: Thu Feb 22, 2007 12:39 pm

Ok thank you for that, Ill use the HTTP auth

But I still get an error in the Sentinel administration saying that the file does not exist or is not correctly CHMODed.

Also i no the HTTP auth is easier to setup, but is the Admin CGI Auth more secure then?

Plus if I wanted to make the:
.staccess
.ftaccess

Would I just rename the follwing files:
/public_html/sample.staccess -> .staccess
/public_html/sample.ftaccess -> .ftaccess

Posted: Thu Feb 22, 2007 12:57 pm

jetlampitt wrote:

But I still get an error in the Sentinel administration saying that the file does not exist or is not correctly CHMODed.

So chmod it.

jetlampitt wrote:

Plus if I wanted to make the:
.staccess
.ftaccess

Would I just rename the follwing files:
/public_html/sample.staccess -> .staccess
/public_html/sample.ftaccess -> .ftaccess

Yes.

I have some questions too. When I first started using Sentinel, I don't think it had .ftaccess. What is this used for? I don't have one right now.

Why does .staccess need to be writable? When does Sentinel need to update it? I just put in the login/password into mine, uploaded it and made it read-only.

Posted: Thu Feb 22, 2007 1:40 pm

How do I CHMODed These files, can someone give me the nubers that I need
/public_html/.htaccess
/public_html/.ftaccess
/public_html/.staccess

Eg
/public_html/.htaccess -----> CHMODed = 777

tnx

Posted: Thu Feb 22, 2007 4:32 pm

I believe they should be CHMODed to 777, it should be in the documentation somewhere.

If you choose CGIAUTH make sure you read all the docs about setting it.

I asked a few questions from the experts (thanks G) and both methods should as secure as each other.

Posted: Thu Feb 22, 2007 5:32 pm

777 is a bit overkill, you don't need execute permissions. You'll probably want 666.

Posted: Thu Feb 22, 2007 6:43 pm

Ok, let me help clear some things up (I hope). I'll do it by "topic":

HTTPAuth vs. CGIAuth - Absolutely correct in that either way is just as good, HOWEVER, if you have HTTPAuth in your list there is a good chance that you have register globals turned on. If you are using RavenNuke, I'd suggest NOT doing that. It is unnecessary and just raises the risk level of your server environment. (I am being generic because there are just TOO many combinations of scripts to discuss the whys and wherefors).

.ftaccess - This was added a few NS releases back to store the flood blocker IPs addresses. Unfortunately, for most installations, 666 will be required in order for Apache/PHP to be able to write to it. If you don't use the Flood Blocker, you don't need it.

.htaccess - Needs to be 666 in order for Apache/PHP to be able to write to it. However, if you do not plan on having NS write the IP deny statements to this file, it does NOT have to be 666. It could be 644 instead. In addition, if you are using CGIAuth, you MUST have the .htaccess file.

.staccess - Not using CGIAuth? Then, you don't need it. If you are using CGIAuth, you need it and it needs to be 666 only I believe and really only when you are adding a new admin and need to have NukeSentinel write the hash to it. Otherwise, you could probably get away with 644.

This is JMO. It comes with no warranties either expressed nor implied.
ROTFL

Posted: Thu Feb 22, 2007 8:11 pm

Ok Thank you very much for that, Ive modded those files that you mentioned but it still comes up saying there is an error in Nuke Sentinel Administration.
Is there any way I can sort this, maybe you could have a look and see what ive done wrong some time? =(

Posted: Fri Feb 23, 2007 6:26 am

The key is, is everything working? Mine also gives me this message on my .staccess file as I choose not to have the "proper permissions". When I add a new admin (very rare occassion), I simply change the permissions back to 666, make the update, and set it back.

You should ONLY be seeing this "chmod error" on the .staccess file. If you have it on any of the other two, then you have either not set the correct full path to these files or you have not set them to 666.

Posted: Fri Feb 23, 2007 2:12 pm

The Path is correct:
/public_html/.htaccess
/public_html/.staccess
/public_html/.ftaccess

And they are all moded to 666
But i still get an error, soomethings not rite, and now I can not use floood protection.

Posted: Sun Feb 25, 2007 5:26 pm

Is this on a shared server? If so, that path does not look correct. Unfortunately, you must give the full absolute path. It might be something like this:

/home/mysite/public_html/.htaccess

or even longer.

Posted: Mon Feb 26, 2007 2:16 am

Ok, Thankyou verymutch for that; as I only had access to public_html on my ftp, i thought that <<path details removed by admin>>/.ftaccess must be incorrect. now since i CHMODed it and put the correct path in its working fine =).

Posted: Mon Feb 26, 2007 10:29 pm

Excellent. Glad to have been of some assistance.

Dance-Stick