changed admin file getting forbidden to approve articles

Hangin' Around Joined: Jun 15, 2006 Posts: 36

Ever since I changed the admin file name, also in the config.php, I have not been able to approve articles. Getting:

Forbidden

Referred From : (new admin file)
Your IP : x.x.x.x
The Page Requested: /(new admin file)
Agent : my browser
Redirect Status : 403

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Change it back - seriously. It does no good anyway. No real security. Symbolism without substance Wink

Posted: Fri Feb 20, 2009 10:09 am

OK, I changed it back but I'm still getting the forbidden error. Earlier I posted that my authors table in my database was removed so I manually added it back in and then created the god account again. Could this have something to do with it?

The forbidden page is the following: /admin.php?op=DisplayStory&qid=38

Either preview or post, same error.

Posted: Fri Feb 20, 2009 10:32 am

How was the authors table removed and how did you manually add it back in? Can you carry out other admin functions ... for instance when logged in as your God admin can you go into edit admins and add a new admin? That would tell us whether your authors table is corrupt or not.

Posted: Fri Feb 20, 2009 10:49 am

I was able to add another admin and it does show my account as the god account. I'm not sure how the table was removed, I believe it was some kind of hack.

Worker Joined: Aug 26, 2007 Posts: 236

You can protect your admin.php via .htaccess, so only your ip-address can access it. It is good if hackers gets the password and username, because they don't have much use of it then.

<Files "admin.php">
Order allow,deny
Allow from xx.xx.xxx.xxx
Allow from xx.xx.xx.
Allow from xx.xx.
</Files>

This also protects all admin.php of your site.

Posted: Wed Feb 25, 2009 11:16 am

My hosting company upgraded php to 4.4.9. They said to add this handler in my htaccess file:

AddHandler php-script .php .php3 .php4 .htm .html .phtml

which I did because I have htm/html files with php lines. Can anyone help?

Posted: Wed Feb 25, 2009 11:33 am

onnig wrote:

My hosting company upgraded php to 4.4.9.

Not sure how they can even call that an upgrade.

Sorry I had to. killing me

registered · Posted: Wed Feb 25, 2009 6:30 pm

Ok, since you have changed the name of your admin file back to admin.php, the original error message doesn't help much. Please post back the full text of the error message that you are getting now.

I suspect you may be missing some files or other tables. If you were hacked, as you suggest that you might have been, then who knows what could have been compromised.

Also, what CMS are you running and version?

Posted: Thu Feb 26, 2009 12:01 am

Here's the entire error:

Forbidden

Referred From : http://www.armeniansforchrist.com/admin.php?op=DisplayStory&qid=38
Your IP : (my ip)
The Page Requested: /admin.php
Agent : Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.2)
Redirect Status : 403

Current CMS: RavenNuke 022001, Nuke Sentinel 2.6.01

Posted: Thu Feb 26, 2009 5:58 am

Ok, couple things to try / look into:

1) Does it happen with all other news articles or is there something about this one only?

2) It may be something you have added to your .htaccess file that is doing the redirect?

3) Try it with FireFox too (and without any active plug-ins) just to rule out client-side issues.

4) Make sure all of your files were uploaded using a good FTP client, such as FileZilla (free from sourceforge.net) and if your target server is Linux, upload in binary mode.

Posted: Thu Feb 26, 2009 6:00 am

Just thought of something else that might be even more possible. When you were going through changing the name of the admin.php file, had you, by chance, made any hard-coded changes to scripts - like with ones that didn't recognize the new name because of poor/old coding - that maybe you need to change back?

Posted: Thu Feb 26, 2009 6:34 pm

montego wrote:

Ok, couple things to try / look into:

1) Does it happen with all other news articles or is there something about this one only?

2) It may be something you have added to your .htaccess file that is doing the redirect?

3) Try it with FireFox too (and without any active plug-ins) just to rule out client-side issues.

4) Make sure all of your files were uploaded using a good FTP client, such as FileZilla (free from sourceforge.net) and if your target server is Linux, upload in binary mode.

Your line of questioning actually led me down the right path here. I shortened the article, it wasn't too long I think but then it took, no forbidden error. Is there an area where I can increase the size of articles? Is there a limit somewhere?

Posted: Thu Feb 26, 2009 9:54 pm

Did you have the word union in the text? This can cause blocking or that you just is throwed back to the index page.

Posted: Fri Feb 27, 2009 1:01 am

slackervaara,

Good thought Idea

Posted: Fri Feb 27, 2009 2:32 am

slackervaara wrote:

Did you have the word union in the text? This can cause blocking or that you just is throwed back to the index page.

I narrowed it down to this one sentence:

Quote:

This fits into the cultic mold where only a few select can interpret the Word of God or have other documents purported to also come from God.

This is really weird because if I remove the word "from" at the end of the sentence and ad the word "by" then it works just fine.

Can anyone tell me why this is happening?

Posted: Fri Feb 27, 2009 4:33 am

Articles can have a max of 65,535 characters unless you are using double byte then it is reduced byi more for every db character. Is it possible your article is that long? But even if it was you shouldn't be getting a 403 error. Can you load the full article into a .txt file and print the url so that I can download it?

Posted: Fri Feb 27, 2009 10:10 am

Raven wrote:

Articles can have a max of 65,535 characters unless you are using double byte then it is reduced byi more for every db character. Is it possible your article is that long? But even if it was you shouldn't be getting a 403 error. Can you load the full article into a .txt file and print the url so that I can download it?

No, its not that long. I've posted much longer articles than this one. Here is the link to the txt file:

http://www.armeniansforchrist.com/article.txt

Thanks!

Posted: Fri Feb 27, 2009 6:02 pm

Ok, I have it and will see what I can dig up. Btw, that's a most excellent article and a great presentation of the only way to salvation through Jesus Christ Wink

. I'll get back to you if/when I find anything.

Posted: Fri Feb 27, 2009 7:08 pm

Raven wrote:

Ok, I have it and will see what I can dig up. Btw, that's a most excellent article and a great presentation of the only way to salvation through Jesus Christ Wink

. I'll get back to you if/when I find anything.

Thanks Raven!

Posted: Sat Feb 28, 2009 2:24 am

I just saw that you are running v2.20.01 which is not current. I just tested the article under the latest version (v2.30.01) and it works as it should. You can verify this by submitting the story at http://www.ravennuke.com

registered · Posted: Sat Feb 28, 2009 2:28 pm

One too many .coms there Raven Smile

Posted: Sat Feb 28, 2009 2:45 pm

evaders99, Thanks!