NukeSentinel™ User Guide - Version 2.2.2
About NukeSentinel™ ::
Installation ::
IP 2 Country Installation ::
File Edits ::
Main Menu ::
FAQ's
Troubleshooting & FAQ
Fatal error: Call to undefined function: abget_configs()
Fatal error: Cannot redeclare absave_config()
Error when clicking on one of the banned IP links
Some users cannot access my site if I have Proxy Blocker enabled
IP Forwarding services conflict with Force URL option
A Brief Definition of the Blocker Types
The first option in each of the configurations is Activate.
What does "write to htaccess" mean and is it a good idea to turn it on?
What is IP Block Type and what should I set it to?
What is Block Duration and what should I set it to?
How do I edit the Site Disabled Site Reason page?
I don't see the Sentinel Block on my site, how do I get it turned on?
How do I know if my server is running PHP as an Apache module or CGI?
I have .htaccess listed in the .htaccess path, but the IP's are not getting added to the file.
Apache is compiled as CGI, what more can I do?
I set Admin HTTP Auth to on, and now I cannot get logged in as Admin.
When I test Sentinel, I get a blank page, and don't get banned.
NukeSentinel™ does not allow me to click on Protected Admins
List, Admin HTTPAuth List, or Scan for New Admins, they do not
appear as links, but the help image does appear as a link, but
it never opens anything when clicked on.
Answer
You can only click on the Protected Admins List, etc when you are logged in as God Admin.
Answer
You can only click on the Protected Admins List, etc when you are logged in as God Admin.
Fatal error: Call to undefined function: abget_configs() in
/xxxx/xxxxxxxx/public_html/admin/modules/sentinel.php on line 28
Answer
Be sure you have added
to your mainfile.php just after the opening <?php line on it's own line. Like this:
Answer
Be sure you have added
|
if ($forum_admin == 1) {
include("../../../includes/sentinel.php"); } elseif ($inside_mod == 1) { include("../../includes/sentinel.php"); } else { include("includes/sentinel.php"); } |
to your mainfile.php just after the opening <?php line on it's own line. Like this:
|
<?php
if ($forum_admin == 1) { include("../../../includes/sentinel.php"); } elseif ($inside_mod == 1) { include("../../includes/sentinel.php"); } else { include("includes/sentinel.php"); } |
Fatal error: Cannot redeclare absave_config()
(previously declared in /web/includes/sentinel.php:542)
in /web/admin/modules/sentinel.php on line 32
Answer
Make sure that in mainfile.php that you only have 1 instance of
Answer
Make sure that in mainfile.php that you only have 1 instance of
|
if ($forum_admin == 1) {
include("../../../includes/sentinel.php"); } elseif ($inside_mod == 1) { include("../../includes/sentinel.php"); } else { include("includes/sentinel.php"); } |
Error when clicking on one of the banned IP links
In Sentinel's administration in "Add Ip Address" it says :
To add a subnet, use the format: 192.168.1.*
But if I ban the ip with the * , then in ripe whois ip link it says :
ERROR:108: bad character in input. An invalid character was passed in the query. Allowed characters are letters, numbers, and these: -_:+=.,@/?'.
Answer
In 2.0.0 and up, the lookups will replace any *'s with 0's so those IP lookup systems will understand it.
In Sentinel's administration in "Add Ip Address" it says :
To add a subnet, use the format: 192.168.1.*
But if I ban the ip with the * , then in ripe whois ip link it says :
ERROR:108: bad character in input. An invalid character was passed in the query. Allowed characters are letters, numbers, and these: -_:+=.,@/?'.
Answer
In 2.0.0 and up, the lookups will replace any *'s with 0's so those IP lookup systems will understand it.
Some users cannot access my site if I have Proxy Blocker enabled
Answer
NukeSentinel™ Proxy Blocker will prevent AOL users and all others that use proxy servers from accessing your site. To prevent these users from being blocked, you must disable the Proxy Blocker feature.
Answer
NukeSentinel™ Proxy Blocker will prevent AOL users and all others that use proxy servers from accessing your site. To prevent these users from being blocked, you must disable the Proxy Blocker feature.
IP Forwarding services conflict with Force URL option
Answer
IP Forwarding services such as NO-IP.com, IPUpdate.net, Directupdate.net, and others MAY not work correctly with the Force URL option enabled. Also, if you run a mirror image of your website locally and have the Force URL set to Enabled, it will redirect you to the Internet site instead of your local copy.
Also, if you are hosting a copy of your site locally, and test NukeSentinel™ Force URL option, your local site may redirect to the live version of your site on the web.
Answer
IP Forwarding services such as NO-IP.com, IPUpdate.net, Directupdate.net, and others MAY not work correctly with the Force URL option enabled. Also, if you run a mirror image of your website locally and have the Force URL set to Enabled, it will redirect you to the Internet site instead of your local copy.
Also, if you are hosting a copy of your site locally, and test NukeSentinel™ Force URL option, your local site may redirect to the live version of your site on the web.
A Brief Definition of the Blocker Types
Admin Blocker: Prevents attacks that target the "nuke_authors" table.
CLIKE Blocker: Prevents "comment like" attacks that use / and/or * to inject into your database.
UNION Blocker: Prevents attacks that use the "union" command to inject code into your database.
FILTER Blocker: Prevents primarily "XSS" type attacks.
Harvester Blocker: Blocks the use of selected user agents, and or bots that harvest email addresses, graphics, and other data they can get to.
Referer Blocker: Block selected sites from referering visitors to your site, block the use of Anonymizers that use pornography sites as referers.
Scripting Blocker: Blocks the use of many html tags that could be used to breach your site.
Request Method Blocker: Allows you to prevent the use of request methods such as HEAD, SEARCH.
NOTE: Do NOT attempt to use the "Request Method Blocker" feature to block POST or GET commands as it will crash your site.
String Blocker: Blocks abusive url line string queries that are commonly used by hackers.
Admin Blocker: Prevents attacks that target the "nuke_authors" table.
CLIKE Blocker: Prevents "comment like" attacks that use / and/or * to inject into your database.
UNION Blocker: Prevents attacks that use the "union" command to inject code into your database.
FILTER Blocker: Prevents primarily "XSS" type attacks.
Harvester Blocker: Blocks the use of selected user agents, and or bots that harvest email addresses, graphics, and other data they can get to.
Referer Blocker: Block selected sites from referering visitors to your site, block the use of Anonymizers that use pornography sites as referers.
Scripting Blocker: Blocks the use of many html tags that could be used to breach your site.
Request Method Blocker: Allows you to prevent the use of request methods such as HEAD, SEARCH.
NOTE: Do NOT attempt to use the "Request Method Blocker" feature to block POST or GET commands as it will crash your site.
String Blocker: Blocks abusive url line string queries that are commonly used by hackers.
The first option in each of the configurations is Activate. What one should I set it to?
Answer
Off - Turns off this protection method
Email Admin - Sends an email to the Admin(s) listed in the NukeSentinel™ Administration page
Forward - Forwards the attacker to the URL listed in the Forward to
Default Page - Sends the attacker to the default NukeSentinel™ banned page
Email & Forward - Sends an email, and forwards attacker to the URL
Email & Default Page - Sends an email and sends attacker to the default page
Email, Block & Forward - Sends an email, blocks the IP by adding to .htaccess and the database, and forwards to the URL
Email, Block, & Default Page - Sends an email, blocks the IP by adding to .htaccess and the database, and sends the attacker to the default page
Answer
Off - Turns off this protection method
Email Admin - Sends an email to the Admin(s) listed in the NukeSentinel™ Administration page
Forward - Forwards the attacker to the URL listed in the Forward to
Default Page - Sends the attacker to the default NukeSentinel™ banned page
Email & Forward - Sends an email, and forwards attacker to the URL
Email & Default Page - Sends an email and sends attacker to the default page
Email, Block & Forward - Sends an email, blocks the IP by adding to .htaccess and the database, and forwards to the URL
Email, Block, & Default Page - Sends an email, blocks the IP by adding to .htaccess and the database, and sends the attacker to the default page
What does "write to htaccess" mean and is it a good idea to turn it on?
Answer
Yes - Writes the blocked IP address to the .htaccess file
No - Does not write the blocked IP address to the .htaccess file
Adding the blocked IP to the .htaccess file will stop the attacker at the server level. The attacker will never be able to get to any part of your website again
Answer
Yes - Writes the blocked IP address to the .htaccess file
No - Does not write the blocked IP address to the .htaccess file
Adding the blocked IP to the .htaccess file will stop the attacker at the server level. The attacker will never be able to get to any part of your website again
What is IP Block Type and what should I set it to?
Answer
Full IP (127.2.3.4) - Blocks the specific IP address and writes this IP to the .htaccess and database
1 Octet (127.2.3.*) - Blocks the subnet of the IP and writes this to the .htaccess and database
2 Octets (127.2.*.*) - Blocks the subnet of the IP and writes this to the .htaccess and database
3 Octets (127.*.*.*) - Blocks the subnet of the IP and writes this to the .htaccess and database
The full IP blocks just that specific IP. The other ranges allow you to block subnets, up to and including specific countries using that IP range
Answer
Full IP (127.2.3.4) - Blocks the specific IP address and writes this IP to the .htaccess and database
1 Octet (127.2.3.*) - Blocks the subnet of the IP and writes this to the .htaccess and database
2 Octets (127.2.*.*) - Blocks the subnet of the IP and writes this to the .htaccess and database
3 Octets (127.*.*.*) - Blocks the subnet of the IP and writes this to the .htaccess and database
The full IP blocks just that specific IP. The other ranges allow you to block subnets, up to and including specific countries using that IP range
What is Block Duration and what should I set it to?
Answer
Permanent - This type of ban does not expire and will not be removed until you clear it
Days 1 to 365 - This type of ban will expire in the amount of days selected and the IP will be removed from the banned list after the selected time period.
Answer
Permanent - This type of ban does not expire and will not be removed until you clear it
Days 1 to 365 - This type of ban will expire in the amount of days selected and the IP will be removed from the banned list after the selected time period.
How do I edit the Site Disabled Site Reason page?
Answer
This is the file: html/abuse/admin_site_reason.tpl
Answer
This is the file: html/abuse/admin_site_reason.tpl
I don't see the Sentinel Block on my site, how do I get it turned on?
Answer
You need to go into Blocks in your Admin Panel and select 'make new block' then choose Sentinel from the drop down menu. You can then choose who can see it like you can with the other blocks. For example: All Visitors, Registered Users Only, Administrators Only, or Anonymous Users Only.
Answer
You need to go into Blocks in your Admin Panel and select 'make new block' then choose Sentinel from the drop down menu. You can then choose who can see it like you can with the other blocks. For example: All Visitors, Registered Users Only, Administrators Only, or Anonymous Users Only.
How do I know if my server is running PHP as an Apache module or CGI?
Answer
Create a new document in your text editor and place:
Answer
Create a new document in your text editor and place:
|
<?
phpinfo(); ?> |
I have .htaccess listed in the .htaccess path, but the IP's are not getting added to the file.
What can I do to make them write to the .htaccess file?
Answer
Some users who are set up using Virtual Hosting have encountered this problem. Create a new document in your text editor and place:
If it looks something like the following:
/usr/local/xxx/home/vhosts/mywebsite/httpdocs/.htaccess Then it may be something with your virtual hosting and the path to mywebsite. If this is the case, you can include the entire path in your .htaccess path in NukeSentinel™ Administration screen.
Answer
Some users who are set up using Virtual Hosting have encountered this problem. Create a new document in your text editor and place:
|
<?
echo 'rp = '.realpath('index.html'); ?> |
If it looks something like the following:
/usr/local/xxx/home/vhosts/mywebsite/httpdocs/.htaccess Then it may be something with your virtual hosting and the path to mywebsite. If this is the case, you can include the entire path in your .htaccess path in NukeSentinel™ Administration screen.
Apache is compiled as CGI, what more can I do?
HTTP Authentication is a process that challenges the user to enter an id and password. This is only valid under Apache. You will need 2 files. One is .htaccess and the other is a file to hold the users and passwords that are allowed access to the file. The .htaccess file will be stored in the folder where admin.php is located, which is your root nuke folder. If you already have an .htaccess just add this code to it. Otherwise you will have to create an .htaccess file. Add this code to .htaccess
Now the REAL_PATH_TO_ID_PASS_FILE will be site specific, but many *nix sites have a realpath to your public_html/www folder that looks like this:
/home/USERNAME/public_html/
So, let's assume that your secret file is named mysecretfile. I would make it hidden by naming it .mysecretfile. Now, the contents will be a username:password, like myusername:mysecretpass, except mysecretpass needs to be encrypted with the crypt() function. I will not attempt an explanation of the function, but I will provide a short script I wrote to help you . The salt value can be whatever you like. Save this script as a .php file, like crypt.php
So, upon entering your password of 'mysecretpass' with a salt of 'Rv' (remember it can be anything you want), we get an encrypted value of 'RvXXrWfFcualM'. So, we now place myusername:RvXXrWfFcualM in the .mysecret file. Note that we have also protected snooping eyes from directly accessing .mysecretfile (RELATIVE_PATH_FILE) by adding a 'deny from all' directive in the .htaccess file (you could also chmod the permissions to restrict it). In this instance the path is relative to the location of .htaccess so you would just substitute .mysecretfile. So, translating based on the above, your .htaccess file will look like:
Now we upload .htaccess and .mysecretfile to the nuke root folder and hopefully when you try to access the admin.php file you will be challenged appropriately. Please note that you cannot use both HTTP Auth in NukeSentinel™ and .htaccess HTTP Auth. It will give the browser a migraine. You can also move the .mysecretfile to any location outside of the root. Just modify the AuthUserFile location. In that case you could also remove the 'deny from all' directive as it is outside of the web root.
Addendum
You can also code for specific user(s) and/or group(s). Suppose you only wanted usernames Bob and Alice to have access. You would code that like:
And likewise, you could have a group named 'admins' and you could code that as:
HTTP Authentication is a process that challenges the user to enter an id and password. This is only valid under Apache. You will need 2 files. One is .htaccess and the other is a file to hold the users and passwords that are allowed access to the file. The .htaccess file will be stored in the folder where admin.php is located, which is your root nuke folder. If you already have an .htaccess just add this code to it. Otherwise you will have to create an .htaccess file. Add this code to .htaccess
|
<Files RELATIVE_PATH_TO_ID_PASS_FILE>
deny from all </Files> <Files admin.php> <Limit GET POST PUT> require valid-user </Limit> AuthName "Restricted" AuthType Basic AuthUserFile REAL_PATH_TO_ID_PASS_FILE </Files> |
Now the REAL_PATH_TO_ID_PASS_FILE will be site specific, but many *nix sites have a realpath to your public_html/www folder that looks like this:
/home/USERNAME/public_html/
So, let's assume that your secret file is named mysecretfile. I would make it hidden by naming it .mysecretfile. Now, the contents will be a username:password, like myusername:mysecretpass, except mysecretpass needs to be encrypted with the crypt() function. I will not attempt an explanation of the function, but I will provide a short script I wrote to help you . The salt value can be whatever you like. Save this script as a .php file, like crypt.php
|
<form method='post'>
Enter password to be encrypted using crypt(): <input name='pw'><br /><br /> Enter the 'salt' value for the encryption (2 long): <input name='salt' maxlength='2'><br /><br /> <input type='submit' name='submit' value='Encrypt'><br /><br /> <? if (isset($_POST['submit'])&&isset($_POST['pw'])&&!empty($_POST['pw'])) { echo "Password <b>".$_POST['pw']."</b> translated is <b>".crypt($_POST['pw'],$_POST['salt'])."</b>"; } ?> |
So, upon entering your password of 'mysecretpass' with a salt of 'Rv' (remember it can be anything you want), we get an encrypted value of 'RvXXrWfFcualM'. So, we now place myusername:RvXXrWfFcualM in the .mysecret file. Note that we have also protected snooping eyes from directly accessing .mysecretfile (RELATIVE_PATH_FILE) by adding a 'deny from all' directive in the .htaccess file (you could also chmod the permissions to restrict it). In this instance the path is relative to the location of .htaccess so you would just substitute .mysecretfile. So, translating based on the above, your .htaccess file will look like:
|
<Files .mysecretfile>
deny from all </Files> <Files admin.php> <Limit GET POST PUT> require valid-user </Limit> AuthName "Restricted" AuthType Basic AuthUserFile /home/USERNAME/public_html/.mysecretfile </Files> |
Now we upload .htaccess and .mysecretfile to the nuke root folder and hopefully when you try to access the admin.php file you will be challenged appropriately. Please note that you cannot use both HTTP Auth in NukeSentinel™ and .htaccess HTTP Auth. It will give the browser a migraine. You can also move the .mysecretfile to any location outside of the root. Just modify the AuthUserFile location. In that case you could also remove the 'deny from all' directive as it is outside of the web root.
Addendum
You can also code for specific user(s) and/or group(s). Suppose you only wanted usernames Bob and Alice to have access. You would code that like:
|
<Files admin.php>
<Limit GET POST PUT> require user Bob Alice </Limit> AuthName "Restricted" AuthType Basic AuthUserFile /home/USERNAME/public_html/.mysecretfile </Files> |
And likewise, you could have a group named 'admins' and you could code that as:
|
<Files admin.php>
<Limit GET POST PUT> require group admins </Limit> AuthName "Restricted" AuthType Basic AuthUserFile /home/USERNAME/public_html/.mysecretfile </Files> |
I set Admin HTTP Auth to on, and now I cannot get logged in as Admin.
Is there a way to diable this feature and reconfigure with a valid user/pass?
Answer
This would normally use your Superuser (or GOD admin) user name and password. If this does not work, you can edit the database using PHPMyAdmin. Find the table nuke_nsnst_config, then find the field HTTP Auth and set this value to 0 (zero). Log in to your site as admin, go to the Sentinel contol panel. Click on Admin HTTP Auth. This will show the protected admins. Click on your admin name and in this window, you can set a new password for the Admin HTTP Auth.
Answer
This would normally use your Superuser (or GOD admin) user name and password. If this does not work, you can edit the database using PHPMyAdmin. Find the table nuke_nsnst_config, then find the field HTTP Auth and set this value to 0 (zero). Log in to your site as admin, go to the Sentinel contol panel. Click on Admin HTTP Auth. This will show the protected admins. Click on your admin name and in this window, you can set a new password for the Admin HTTP Auth.
When I test Sentinel, I get a blank page, and don't get banned.
Answer
Try turning off the email lookup in NukeSentinel™ Administration
Answer
Try turning off the email lookup in NukeSentinel™ Administration
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
