Uh Oh....Forbidden on both Index.html AND admin.php

Regular Joined: Jun 08, 2007 Posts: 54

So, the only module I've installed is *sorry* GCalendar. Since this, early at 4am my time, I tried accessing the site and I got this message. For both the Index and Admin.

Forbidden

I read I somewhere in the forums that I could go and delete a line from my htaccess file but wanted to find out if this is correct. It was the parts about "limit"......

I have tried to access the site through IE6 as well as FF. Both are blocked. Can I do something in phpmyadmin for the time being to get in the site?

Again....thank you for helping.

**update as of 6.54am.....I delete the "files" and "limit"...so now htaccess has NOTHING...

now i have this error:

ATTENTION PLEASE!

You have been blocked from entering this site.

You have attempted an Authors Table attack on this site.

Posted: Fri Jun 15, 2007 8:46 am

you created a backup of .htaccess right? authors table attack is sentinel doing it's job ... you need to have a configured .htaccess, so just restore it and carry on.

phpmyadmin is an extremely helpful tool ... if you want to be a happy rnuker, and who wouldn't, DO get comfy with the capabilities of phpmyadmin and the rn tables, where your data resides. get to know the field names and table names of your core code and all your addons.

i'd be guessing if i stated what your forbidden problem may be... need more info.

Posted: Fri Jun 15, 2007 8:55 am

Thank you CodyG!

So, this is how or what happened now....oy!

So, this morning, I just tried to refresh the site. That is when I got the "forbidden". I went into the htaccess file and deleted the "file" and "limits". I was able to get back into the site with the error of "trying to access authors". So, I thought "alright so I will go and delete my blocked ip number for 1 and 2, delete the authors". So, I did that and I was able to get into the site. I then typed /admin.php and it wanted me to set up admin. I set ONE up and logged in as that admin. I then went and set up 2 more admins and logged back out. I then tried to log in as the correct name and bam! BLOCKED by Nuke Sentinel. I think I may have to unblock my ip range???

Since I am in phpmyadmin, I am going to try and unblock myself from there...one second.....i'll post an update but if you think of anything in the meantime....let me know!

**btw...i reverted the htaccess file to the original and re-upld it.....to keep sentinel doing it's THANG!

Thanks again!

So, I wanted the link to your "womens" site. I love seeing stuff like that!

*******UPDATE: 7:59am-Okey dokey! So, after the original htaccess file was uploaded, I went to (after clearing out cache and cookies) hissite.com/index.html AND hissite.com/ and I get the forbidden message again.

I removed the "limit" in the htaccess file again and re-upl'd it again onto the server and i was able to get to the site....so I am now in admin and I am copying my ip address from here and pasting it into the blocked range....stay tuned!

Posted: Fri Jun 15, 2007 9:05 am

there are a couple of kinds of forbidden errors
one is from nuke, one is from apache
which one are you getting?

Posted: Fri Jun 15, 2007 9:11 am

Hi CodyG again!

For the "Forbidden" I was getting the 403 apache 1.3.x error. The infamous "you do not have permission...."

Nuke_Sentinel:

just added myself to the excluded and tried to edit admins again.

I am now gettin the "authors" error again.

Editing my post now as I just realized....TWO different issues.

My apologies Raven!

Posted: Fri Jun 15, 2007 9:15 am

are you attempting to 'edit admin' while logged in as god admin, or some other admin? if anything other than god admin, sentinel won't like it.

Posted: Fri Jun 15, 2007 9:19 am

hmmm...yes I was. I was logged in as just SuperAdmin. Duh...that would make sense (slaps self senseless)...

Ok..lemme go delete myself from blocked...again. ahahahahahha!

Posted: Fri Jun 15, 2007 9:32 am

Forbidden
You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

--------------------------------------------------------------------------------

Apache/1.3.33 Server at www.xxxxxxxxx.com Port 80

Posted: Fri Jun 15, 2007 9:46 am

just to get some clarity ... apache is throwing a forbidden error while attempting to edit admins, while logged in as god admin?

Posted: Fri Jun 15, 2007 9:56 am

Uhm. No.

After:
1. deleting my ip address from blocked (phpmyadmin)
2. cleaning out my cache/cookies
3. re-log into site, just to access the site

I get the Apache errors.

When I try to log in under sites SuperAdmin under Admin.php (to remove me as an offense), I get the:
1. access authors table
2. blocked ip address
3. contact webmaster (who is me...hahahaha)

I think this was caught by my brother, he is in the army back in Iraq and he was the first to get this message. I think I have him set as SuperAdmin WITH User with same and he was trying to access admin when he was already logged in as admin...or user...get it? hahahahahaha!

Posted: Fri Jun 15, 2007 10:03 am

You should also remove your IP address from the .htaccess file as well as from the database.

Also you can stop yourself from getting yourself banned by adding your IP address to the protected ranges in Sentinel.

Posted: Fri Jun 15, 2007 10:27 am

Thanks jakec....however, how do I remove...oh..you mean import the current htaccess file on my server, fix/edit it and re-upload it?

I have been deleting my ip from the database through phpmyadmin....was i supposed to delete it anywhere else like NS cause..I can't get in the site's main index page...at all...hahahaha...

I did add myself to the "exclude" list already...was that NOT what I was supposed to do?

I'll get into the protected area after I fix it so I can access the site!

Here is the error message my brother got this morning:

The below information pertains to the HTTPAuth system in NukeSentinel(tm) only!\nIt does not affect your normal admin login information.\n\n
> HTTPAuth Login: HocusPocus
> Auth Password: (bunch of number and letters!)
> Protected: No
>

*****UPDATE:

Now I am getting blocked as admin/user and can't get in to modules. should I just reinstall nukesentinel and what could be causing this annoying error?

Posted: Sat Jun 16, 2007 1:50 am

There are two places where Sentinel usually adds the IP to block you from the site. The database and the .htaccess.

You should find your IP address at the bottom of the .htaccess on your server. Just download it, remove your IP and then upload again. Easy. Wink

The excluded range in Sentinel are for IP's that you do not want NS to track. The protected range is for IP's that you don't want to get blocked.

The message your brother is getting is for HTTPauth which is an additional protection measure to password protect the admin area, which means you have it activated in Sentinel.

What are you doing when you are blocked as an admin/user?

I'm not sure it is necessary to reinstall NS yet, I think it is doing it's job

Posted: Sat Jun 16, 2007 6:53 am

jakec...thanks!

I figured out the htaccess thing after much playing around. The one good thing is, I love to read so, looking at htaccess was easy. The coding is blurry but I saw "blocked ip" and I saw my addy there so I just 86 it! Wooohhaaaahahahahaha!

I then removed the "limit" portion completely from the htaccess. Re-uploaded it and chmod'd both staccess and htaccess. (which I don't recall ever doing so I did it now).

I finally, got to log in to the site! I then clicked the admin link and was able to log in! YAY! I went into NS and excluded myself as well as protected myself (oh...and of course my brother). So far, I have not gotten any messages. My brother is now getting:

Forbidden
You don't have permission to access /admin on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
________________________________________
Apache/1.3.33 Server at www.thanatosunderworld.com Port 80

When I was getting blocked, I wad logged in as SuperAdmin not GOD...so I got that sorted out. And yes, I was trying to do stuff as a super not got.....with NS.

Nope...I think we (and I mean YOU all helping me and me doing a lot of learning) are doing fine....just need to fine tune NS.

Now..I did read that there is a NS manual here? Where might that be under the site's navigation?

Thank you everyone so far! I am learning so much!

Any help with the last annoying message would be awesome!

Posted: Sun Jun 17, 2007 10:45 am

kittyprrrs, please can you get your brother to clear his cache and cookies and then try again, cheers.

Posted: Wed Jun 20, 2007 8:50 am

I did only, because he is on the base (in Iraq) everything is blocked. He can't do any of that unless he has access (according to him). However, he may just be dumb as a brick (which I doubt...but all the herb he smoked...nah...just kidding!) but I believe him when he says that access to clear history, cache and such, is by privilege only and he is not at that status yet.

I'll remind him again, on the steps to do the clearing and let you all know.

Posted: Fri Jun 22, 2007 10:30 am

Ok...just an update....

dum dum is able to log in now. only i think he tampered with some things signed in as admin as now, can't even log in as GOD.....jeeeeez's....i think i want to kill him!

Posted: Sat Jun 23, 2007 11:07 am

Sounds like you need to restrict what he can access. Laughing