RNYA and Sentinel fighting each other

Posted: Thu Aug 13, 2009 3:15 pm

Here's a good one. Say you have RNYA set up to block an email domain such as mail.ru (just for instance). Now you have the string blocker in Nuke Sentinel set to block mail.ru also.

Now you go into RNYA to make a configuration change of any kind. You submit it and bammo you are banned from your site ... or if you have a protected IP you still get the Sentinel warning screen and your changes don't go through. Problem is that all the configuration settings are sent as a POST string and Sentinel filters through all that looking for offending strings.

Solution: deactivate the string blocker in NS, at least temporarily.

Posted: Thu Aug 13, 2009 3:32 pm

My feelings are if the admin/user is smart enough to be doing these things than it is their responsibility to set it up right.

Posted: Thu Aug 13, 2009 4:25 pm

Yeah, I know this problem but this shows only how good the string blocker works and I would never deactivate this blocker from one of my site where I don´t have the .ru e-mails in RNYA. Its like Palbin said you are the (web)master of your site. So you need to be smart and flexible. You have all options it up to you to make the best of it. Smile

Posted: Thu Aug 13, 2009 5:19 pm

I agree with both of you (Susann and Palbin). However, Sentinel has been around for years whereas RNYA is relatively recent. So it's likely that someone who wants to block "mail.ru" would wind up with it in both places. And it's not like NS gives you a message: "string: "mail.ru" has been blocked" ... you have to parse through a pretty long post string to find out what's going on. So I just thought I'd post this in case anyone down the road runs into it.

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

It's unlikely that you'd end up in both place (unless one of them did not work).

registered · Posted: Fri Aug 14, 2009 9:14 am

It happened to me when I upgraded to 2.3.0 awhile back. I had mail.ru in my string blocker for a few years prior to that and forgot about it. Then, I went to add a new domain in RNYA to block, and got the NS ban message for the string blocker.

I don't know that we should do anything about it other than maybe create a sticky under a NukeSentinel forum? Just wanted you to know kguske that it is a real issue, but born out of "legacy".

Posted: Fri Aug 14, 2009 9:24 am

I think that having this thread here is probably enough ... in terms of doing anything about it. Anyone searching should find it ... 6 months from now or a year or whatever. And yes, it is a real issue and you don't have to be doing anything with a domain to come across it, any kind of configuration change in RNYA is likely to kick it off. Someday it would be nice to make the NS messages more targeted: to tell you exactly what POST string or regular string it objects to but that's a different topic and not needed immediately.

Posted: Fri Aug 14, 2009 9:25 am

OK, but it it is born out of legacy. New users won't use the string blocker to prevent registration - logically, the configuration for that is in RNYA. It's only you old fogies who are using string blockers for that unusual purpose... Smile

Posted: Fri Aug 14, 2009 11:55 am

I doubt the majority of sentinel users even take the time to use string blockers at all.. I think a sticky thread would suffice.

Posted: Sat Aug 22, 2009 7:45 am

This is now a Sticky.