Cannot Log In to admin.php during install process

Regular Joined: May 13, 2006 Posts: 89

I just completed the first steps of the installation process for v2.10.01, including supplying the GOD user and pw info. Now, when I try to log on as http://...site name/admin.php, I get a normal "windows popup for log in for the user/pw, however, it will not accept the user/pw I just gave it. And I Know I did not fat-finger the password (I can see the user is correct in the nuke-author's table.)

Help...I am totally stuck now and unable to move forward. Ideas?

spurt

(note: there were some nebulous instructions about the .htaccess and .staccess files that I may not have understood. I changed the sample.htaccess and sample.staccess files to simply .htaccess and .staccess. Not sure if that was right to do, but again, I did not understand the brief instructions about it, or when to do what. I also chmod'd them to 777, after renaming.)

Posted: Sat Jun 09, 2007 12:21 pm

spurtus, I would remove the .htaccess and staccess and reload the standard ones that came with the install and not the sample ones. See if that corrects your issues.

Posted: Sat Jun 09, 2007 1:22 pm

Thanks....I am trying that...I do get an error message in the sentinel config, tho, that says the files are not properly chmod'd....do you know what these files should be set at?

Thanks again!

Spurt

Posted: Sat Jun 09, 2007 1:27 pm

Try 644 first

Posted: Sat Jun 09, 2007 2:13 pm

I found in the doc where it said to temporarily set them to 777 while I was setting up the http auth. However, after following these steps, and chmoding back to 666 as described in the release notes, when I go to run nuke sentinel, it "pops up" a log in window, that has my GOD user prepopulated, but the pw is blank. When I enter the pw, it does not accept it (and I know I am typing it right). I can get around all this bill deleting .htaccess, but am now wondering what that might be exposing me to? I believe I have to use CGI Auth, as I am given no other option.

Here are the instructions verbatim, from the release:

Should you find yourself in the smaller group of users that require CGI Auth (as we call it), following these instructions to use and activate CGI Auth (HTTP Authentication using .htaccess and .staccess):

Change your permissions on both .htaccess and .staccess to 777.
Place the paths to .htaccess and .staccess in the NukeSentinel(tm) Admin Control Panel.
Select CGI Auth Access from the drop down box.
From the NukeSentinel Admin Control Panel, select Scan For New Admins.
Now select Admin Auth List and make sure that all admins have been assigned passwords.
Now, you should see a link that says Build CGIAuth file. Click it. That will build your .staccess id:pass file.
Now back in the main NS ACP, in the .staccess box, you will see a link that says CGI Auth Setup. Click it. It should produce a new window with the following information:

Save this in .htaccess:
# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files admin.php>

<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /home/USERNAME/public_html/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
USERNAME will be your username and the path may be different

Copy and paste that into your .htaccess file.
Change your permissions on both .htaccess and .staccess back to 666.
That is the procedure. It sounds more complicated than what it is, but hopefully the more detailed explanation was helpful.

registered · Posted: Sat Jun 09, 2007 3:22 pm

This line here in your .htaccess file has to be correct:

AuthUserFile /home/USERNAME/public_html/.staccess

You may have to temporarily switch off this check by commenting out from line:

<Files admin.php>

to

</Files>

Then within NukeSentinel's administration screen it should tell you what the full, correct, absolute path that needs to be after the AuthUserFile directive.

Posted: Sat Jun 09, 2007 4:10 pm

Gave it a shot...but no joy. I had actually already tried the comment out approach.....

Maybe you can help me out..."must" i do this? What happens if I don't (I can log in fine so long as I don't turn this function on). Am I at risk?

Thanks (I would be happy to PM you my .htaccess file, if you think that might give you an idea where I have gone astray?)

Thanks, Montego

Posted: Sun Jun 10, 2007 3:40 pm

also...possibly a related question, but I do not think so:

I added two new "super users". However, when one tried to log in, I think he fatfingered the graphic code, or pw, anyway...it banned his IP. I was able to unban in Sentinel, but am curious why I can "protect" the GOD user, but not these other users? Ideas?

Posted: Sun Jun 10, 2007 5:07 pm

Did you scan for new admins after creating them in Sentinel? You can also add there specific ip address in the protected range I believe.

Posted: Sun Jun 10, 2007 9:12 pm

And sentinel assigns a random password to your superusers ... unless you noted that password and passed it on to your superusers they may be attempting the sentinel admin login with their regular superuser passwords, and not the passwords sentinel assigned.

Posted: Mon Jun 11, 2007 6:40 pm

Thanks for the replies, FirstATST and CodyG!

Yup...I did scan for new admins after adding them. I also supplied a specific password (as I was sending it to them via email so they would know their new logins). I unban the one IP that got blocked. I will have to see if it bans him again!

Any idea on how to protect the GOD users (or other admins) when their IP's might change? I am guessing they will get a specific range, and that is what I have done for now....guess I will just keep my fingers crossed they don't muck up the pw again! LOL

Thanks all!

spurt

Posted: Mon Jun 11, 2007 6:45 pm

One more thing ... if any other user besides God Admin clicks on the Edit Admin link ... then sentinel will ban that superuser again.

This just happened to one of my superusers ... he said ... if the link is going to ban me why display the link to me? good question.

Posted: Mon Jun 11, 2007 8:07 pm

Say, Cody...I think I saw in another thread that you have a shoutbox on your site? WHere did you get it?

Thanks!

Posted: Mon Jun 11, 2007 9:40 pm

hmmm... looks like ourscripts.net (home of shoutbox) is no longer Sad

someone was going to rewrite the mod ... don't know what's happening with that.
if you want the script i can send it ... pm me your email

Posted: Thu Jun 14, 2007 9:29 pm

Outscripts was the one I was using, too...I just sent you my email via PM..thanks!

Spurt

Posted: Fri Jun 15, 2007 6:53 pm

Cody, you are the best-est-eth! THanks for shooting me the code. Turns out the version of shoutbox I had was the same as the rest of you are running here (i just didn't know that because mine would not run!).

ANyway, Cody sent me the code and pointed me at Gremmie's "px" fix...i gave it a shot..and bang...I am back in business!

Thanks CodyG, Gremmie, and all who responded!