Sentinel Banning Admins

Worker Joined: Jan 17, 2007 Posts: 170

I am the god admin of my site... and just before when I loaded my browser up (mozilla) and wanted to sign out as god admin to test somthing I got banned:

Date & Time: 2007-01-21 04:40:33 UTC GMT +0000
Blocked IP: 203.59.155.*
User ID: OzButcher (2)
Reason: Abuse-Admin
--------------------
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
Query String: burntclan.swisshut.com/admin.php?op=logout
Get String: burntclan.swisshut.com/admin.php?op=logout
Post String: burntclan.swisshut.com/admin.php
Forwarded For: none
Client IP: none
Remote Address: 203.59.155.116
Remote Port: 1471
Request Method: GET
--------------------
Who-Is for IP
203.59.155.116

also... I created another admin superuser for one of my members and when he tried to edit the Admin Edits in the admin center he also gets banned?

please reply if you can help, thanks.

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

Did you protect those admins and scan for new admins in NukeSentinel?

Posted: Sat Jan 20, 2007 10:01 pm

You can protect your ip by placing it in the protected range in NukeSentinel. If your ip stays the same just put it in both sets of boxes. If it changes you can try to add the range it travels from in the sets of boxes, just realize that anyone coming in your site in that range is also protected. Only the God Admin can make edits I believe to the admins of the site.

Posted: Sat Jan 20, 2007 10:05 pm

I had a look... I was protected... I had to erase the .htaccess file on my webserver so I could get back in and delete the ipban in myphpadmin. strange.

I have now protected my other admins...

what ip range should I keep free for myself? I'm not very good with ip addresses.

Posted: Sat Jan 20, 2007 10:17 pm

btw... have you guys gotten "CGIAuth Setup" to work? I followed all the steps in the readme... up to the point where

"Save this in c:\program files\xampp\htdocs\burntclan\.htaccess"

when I paste in this code:

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth

Code:

# -------------------------------------------


<Files .staccess>


deny from all


</Files>





<Files admin.php>


<Limit GET POST PUT>


require valid-user


</Limit>


AuthName "Restricted by NukeSentinel(tm)"


AuthType Basic


AuthUserFile c:\program files\xampp\htdocs\burntclan\.staccess


</Files>


# -------------------------------------------


# End of NukeSentinel(tm) admin.php Auth


# -------------------------------------------

when I try to sign in... I get some kind of Error 500. I am not using this option atm because I couldnt get it working.

Posted: Sat Jan 20, 2007 11:18 pm

here is how you can find out what ip you are using on the net: http://whatismyipaddress.com/

How did you check if you were protected without knowing your ip? Maybe I misunderstood you? Does your ip stay the same each time you get on the net or does it randomly change? Yes, I have gotten the CGIAuth to work, but at the moment I am not using it till I figure out how to have it not affect my sub-domains. Did you do a search here for CGIAuth and the error you were getting?

Posted: Sun Jan 21, 2007 2:51 am

well after I edited the ip ban list in phpmyadmin and removed the .htaccess file I was able to get back into the admin center. I checked the admin rights... I was listed as protected but not my 2 other admins. I also remember that I was protected... (just didnt know what the protection meant until I posted here) Smile

I'll have to try the admin auth problem again because I can't remember the exact error.

Posted: Sun Jan 21, 2007 5:00 am

You shouldn't need to remove the .htaccess file, just remove your IP address from the file.

Posted: Sun Jan 21, 2007 6:24 am

ah right

do I need to create another blank .htaccess now or will sentinel create another if someone tried to hack in?

Posted: Sun Jan 21, 2007 7:42 am

There is actually a section in Nuke Sentinel called Protected Range Menu. If you click on that you will see a list of choices then on the right hand side of the page such as Add Protected Range. There is where you can protect your ip.