| Author |
Message |
erisds
New Member
Joined: Sep 07, 2005
Posts: 11
|
 Posted:
Sun Sep 03, 2006 3:22 am |
|
Hi Everyone,
I'm sorry, but I have a really n00bie question to ask 
I am totally new to Sentinel although I've been using and abusing phpnuke for years. Truth is, I'm pretty clueless to what its does, why and how it does it and I know I really need to do some reading up.
BUT my site has gone live and since one of the members of the game clan the site was made for has had trouble with being banned from part of the site, and I'm hoping someone will give me a hand so I can get it sorted quickly 
So I have RavenNukes latest distro freshly installed with a custom theme and some nice extras like Gallery 2 and vWar: www.pfb-clan.co.uk
This particular member was rooting around in the FAQ and got banned and is since not allowed to access the FAQ.
There are no banned IP's at the moment and I have no idea where this information that he is banned is stored so I can unban him? I have told him to delete cookies and cache but that didn't seem to work.
So my question is. Why did Sentinel ban him, and how do I undo it?
Here is the orignal email I got sent from Sentinel (sensitive info hashed out):
Any help will be greatly appreciated,
Thanks,
Eris the N00b |
| |
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Sun Sep 03, 2006 5:43 am |
|
If he can still see the site, then he was not banned - just got the warning message.
If his IP is not in the blocked IP table, then he didnt get banned - just got the warning.
Something in the url was not allowed, which is why he got the error warning - it might be the use of illegal characters - (PFB)+Clan.
You shouldnt be using vWar it is one of the most frequent scripts that hackers use to gain unauthorised access to your site.
Update you Sentinel version.
Are your forums up to date? |
| |
|
|
|
FireATST
RavenNuke(tm) Development Team
Joined: Jun 12, 2004
Posts: 654
Location: Ohio
|
| Posted:
Sun Sep 03, 2006 7:25 am |
|
I believe there is a standalone version of Vwar that is outside of nuke that should help protect your site. |
| |
|
  |
|
fkelly
Former Moderator in Good Standing
Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY
|
| Posted:
Sun Sep 03, 2006 8:17 am |
|
Just to clarify about where banned IP's go. The most convenient place to look for them is right in the NS administration screen. There is a blocked IP menu and then on that a command to display blocked IP's. There are also functions to unban them if you want. Then as Hitwalker mentioned there is a table whose name is $prefix_nsnst_blocked_ips where prefix is usually "nuke". There's also a blocked ranges table but that's probably not in play here. Finally, you can look right at the .htaccess file. There should be a list of "deny from" IP addresses. Most of the IP addresses that Sentinel bans get written there. That gives you a few places to check if the person keeps having problems. |
| |
|
|
|
|
erisds
|
| Posted:
Sun Sep 03, 2006 8:33 am |
|
Right,
Forums are up-to-date.
Sentinel is 2.4.2pl5 is there an update?
As for my problem it happens to everyone including me once i've logged out of admin. I haven't got sentinel set to ban them so they aren't being banned, however, Sentinel keeps stopping them from accessing pages which are auto-generated by standard Nuke.
So sentinel has a problem with URLs which are generated by the FAQ which is included in standard Nuke. Basically, sentinel doesn't like me having brackets in my category names???? So whats the point of having Sentinel if it stops me from using parts of nuke?
Also the block is for reason "abuse script" not "abuse string" ?? |
| |
|
|
|
|
fkelly
|
| Posted:
Sun Sep 03, 2006 10:22 am |
|
Looking at the code for Sentinel it appears that yes, Sentinel doesn't like you having brackets in your get string. The author would have to address the security reasons for that. I believe that the line in question is:
Code:(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
|
from the section of Sentinel where it validates get strings. You could either modify the code or get rid of the brackets in your categories. Your choice of poison. Or you could get rid of Sentinel and get hacked. Another choice of poison.
As to updates, look on Nukescripts.net. There are a number of updates available. Read the download area closely because I believe you have to update in stages.
The next release of Ravennuke will have a current release of Sentinel built in and you might also want to consider waiting for that. |
| |
|
|
|
|
erisds
|
| Posted:
Sun Sep 03, 2006 12:14 pm |
|
Thanks V. much for the info.
Removed my brackets from my categories. Slightly annoying but i'd like to keep the protection of Sentinel! |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
