| Author |
Message |
somnus
New Member
Joined: Aug 28, 2005
Posts: 12
|
 Posted:
Tue Dec 20, 2005 6:47 pm |
|
I have installed the latest release on my site and it is working all but the .htaccess...
I type my NS id/pass and the htaccess box just keep re-appearing!
I can not admin my site at all.
How do I get around this? I followed the directions perfectly and all worked fine up until this point. |
| |
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Tue Dec 20, 2005 9:15 pm |
|
If the directions were followed perfectly, it would be working, or else I'd have over 1000 people contacting me  |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Tue Dec 20, 2005 9:18 pm |
|
Edit the appropriate sentinel config table in phpmyadmin to turn the HTTPAuth check off then go through the readme again |
| |
|
|
|
somnus
|
| Posted:
Tue Dec 20, 2005 9:20 pm |
|
| Raven wrote: | | If the directions were followed perfectly, it would be working, or else I'd have over 1000 people contacting me |
I followed them exactly as they were.
I did have to edit two files to get the http auth box to drop down. I put .htaccess in the right spot, but I am wondering if I should have put the true path to it..?
How would I edit that?
This is the only thing I can think of that could be wrong. |
| |
|
|
|
|
somnus
|
| Posted:
Tue Dec 20, 2005 9:21 pm |
|
| Guardian2003 wrote: | | Edit the appropriate sentinel config table in phpmyadmin to turn the HTTPAuth check off then go through the readme again |
What table is that in exactly? |
| |
|
|
|
|
Raven
|
| Posted:
Tue Dec 20, 2005 9:22 pm |
|
First of all, you do not need .htaccess and .staccess to use HTTP Auth, only CGI Auth. There will be no drop down until all the admins have passwords assigned. You should not need to edit anything. |
| |
|
|
|
|
somnus
|
| Posted:
Tue Dec 20, 2005 9:27 pm |
|
| Raven wrote: | | First of all, you do not need .htaccess and .staccess to use HTTP Auth, only CGI Auth. There will be no drop down until all the admins have passwords assigned. You should not need to edit anything. |
I needed to apply the register_globals.ini hack to get a drop down box.
From your readme file in the distro...
| Quote: | You now need to complete the NukeSentinel(tm) configuration. As a default, NS is set to Track IP's and Email admin on Union, Admin, Author, CLike, Filter, and Script exploit attempts.
I recommend changing the Union, Admin, Author, CLike, Filter, and Script settings to Email,Block and Default. You can't yet use the write to .htaccess setting but you soon will.
Change the Admin Contacts to point to your email that you want to receive NS notifications.
If you click on Admin Auth List, your list should be empty. You need to add admins now from your nuke Admin table. Select Scan For New Admins. When completed, select Admin Auth List. You should now see at least 1 admin entry. It will be your *God* nuke admin entry. Click the rightmost little icon (Edit). Add/change the NS ID, Password, and make sure the ID IS PROTECTED. The NS ID and Password do NOT have to be the same as your regular phpnuke AdminID/Pass. For the ultra-paranoid, don't leave them the same. .
Now, you should be able to set up the write to .htaccess setting!
First of all, click the "NukeSentinel(tm) Administration" link to get back to the main panel.
Find "htaccess Path:" and simply type .htaccess. Save the settings.
Next, Goto Blocker Configuration and do the following for each of the Union, Admin, Author, CLike, Filter, and Script Blockers:
Set the Write to .htaccess setting to YES.
Save the settings for each.
Now, you should be able to SAFELY activate the Admin Access Protection part of NukeSentinel(tm). Go back to the "NukeSentinel(tm) Administration" main panel. In the "Administrative Settings" section you should see a drop down box beside "Admin Auth:". Hopefully you will see "Off", "Admin HTTPAuth", and "Admin CGIAuth". It's okay if "Admin CGIAuth" is NOT there. Simply click "Admin HTTPAuth" and save the settings. If all is working for you, you will now be prompted with the standard Browser HTTP Authentication Pop Up. Type in your NS id/pass and it should then let you in. Assuming it does, Close all browser sessions that you might have open so we can REALLY test this.
Open up a new, single browser session and type http://www.YOURDOMAIN.com or http://www.YOURDOMAIN.com/html and select GO or press enter. You should see your nuke site with the Welcome message.
Next, type http://www.YOURDOMAIN.com/admin.php or http://www.YOURDOMAIN.com/html/admin.php and select GO or press enter. You should be prompted with the HTTP Authorization screen. Enter your NS id/pass and submit it. Assuming it works, you should now see the regular nuke Admin login screen. Enter your nuke admin id/pass and submit it. You should now see your nuke ACP. |
I did all the above _exactly_ as it states, and this is the problem I am having. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
