| Author |
Message |
erick08
Regular
Joined: Apr 20, 2008
Posts: 56
|
 Posted:
Fri Mar 27, 2009 1:44 am |
|
|
|
|
dad7732
RavenNuke(tm) Development Team
Joined: Mar 18, 2007
Posts: 1242
|
| Posted:
Fri Mar 27, 2009 12:45 pm |
|
Do you have your user/pass included in the .staccess file? |
| |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sat Mar 28, 2009 12:50 am |
|
You are not following the instructions in the HowToInstall manual. That's why you are getting the errors. Review the setup instructions but first restore your original .htaccess file that cane with the distro. |
| |
|
|
|
|
erick08
|
| Posted:
Sat Mar 28, 2009 10:50 am |
|
| dad7732 wrote: | | Do you have your user/pass included in the .staccess file? |
Yes I have user/pass but I dont know how to put in .staccess . Also I lose here;
"Normally: /home/****/public_html/.htaccess"
What exactly: /home/****/public_html/.htaccess or add "http://www" like,
http://www.home/****/public_html/.htaccess
Yes Raven I folow the instruction, but maybe have a mistake.
By now I leave the staccess Path and ftaccess Path blank. htaccess Path:I fill ".htaccess" can I leave the two path blank?
TQ  |
| |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Sat Mar 28, 2009 6:56 pm |
|
You cannot use the URL. You will need to ask your host what the home path is for your site.
Again, it's probably something in the form
/home/****/public_html/.htaccess
but you will have to ask your host. |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
erick08
|
| Posted:
Sun Mar 29, 2009 3:58 am |
|
Sentinel setting look like all OK for me now.
But I'am confuse are the HTTPAuth similar to CGIAuth... I want to protect my forum from hack, where can I begin..
TQ  |
| |
|
|
|
|
jakec
Site Admin
Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
|
| Posted:
Sun Mar 29, 2009 6:09 am |
|
If you have the httpAuth setting use that and you won't have to do the CGIAuth settings. |
| |
|
|
|
|
erick08
|
| Posted:
Sun Mar 29, 2009 8:25 am |
|
Yes I use httpAuth setting. So, how can I setting the Sentinel to protect my Forum.
TQ  |
| |
|
|
|
|
jakec
|
| Posted:
Sun Mar 29, 2009 8:39 am |
|
You mean forum admin?
My host uses cPanel so if I have any other directories I want to protect then I do it through cPanel, which is much easier and quicker. |
| |
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
| Posted:
Sun Mar 29, 2009 9:01 am |
|
erick08, just so you know, there haven't been any known exploits of the forum admin in a very long time. RN 2.3.x is fully patched.
Also, what you have been talking about is "admin" protection. But, do you really mean regular forum protection? The same blockers are used throughout RN, so there isn't anything "extra" that is specific to the forums. |
_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! |
|
|
|
|
Raven
|
| Posted:
Sun Mar 29, 2009 3:04 pm |
|
To protect your forum admin, please refer to the RavenNuke(tm) How To Install manual. See http://www.ravennuke.com/HowToInstall/ . Then select NukeSentinel(tm) from the menu to the left. Read through the setup instructions and about 40 lines or so down the page you will see this line of text:
Once the above is working for you, be sure to read the section on Protecting Your Forums Admin Folder at the bottom of this page.. Click the link and it will take you down to the section Protecting Your Forums Admin Folder. |
| |
|
|
|
|
erick08
|
| Posted:
Mon Mar 30, 2009 5:02 am |
|
| Raven wrote: | To protect your forum admin, please refer to the RavenNuke(tm) How To Install manual. See http://www.ravennuke.com/HowToInstall/ . Then select NukeSentinel(tm) from the menu to the left. Read through the setup instructions and about 40 lines or so down the page you will see this line of text:
Once the above is working for you, be sure to read the section on Protecting Your Forums Admin Folder at the bottom of this page.. Click the link and it will take you down to the section Protecting Your Forums Admin Folder. |
Hi Raven,
Yes I do. At the botom I found of NukeSentinel(tm) config:
If you using "HTTPAuth", see the Only registered users can see links on this board! Get registered or login!thread in the RavenPHPScripts support forums.
Are this link setup the HTTPAuth?
TQ |
| |
|
|
|
|
Raven
|
| Posted:
Mon Mar 30, 2009 5:38 am |
|
That link should detail how to set it up  |
| |
|
|
|
|
erick08
|
| Posted:
Mon Mar 30, 2009 6:33 am |
|
Ok Raven I already set it up. Now how I know it work?
TQ  |
| |
|
|
|
|
Raven
|
| Posted:
Mon Mar 30, 2009 8:47 am |
|
Log out as admin and then try to log in again as admin. It should prompt you. |
| |
|
|
|
|
erick08
|
| Posted:
Tue Mar 31, 2009 1:36 am |
|
I mean in forum admin..... but wait. How do I put the code "username:password" in .staccess in Forum admin?
Like this...
<Files .staccess>
username:password
</Files>
or something.....
Bcause when I click the icon of the forum in Control Panel dministrator I recieve this:
"Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request."
TQ  |
| |
|
|
|
|
dad7732
|
| Posted:
Tue Mar 31, 2009 6:38 am |
|
That is not the way .staccess works. Depending on the OS that your server runs on, ie., FreeBSD, Linux, IIS, etc. you have to generate a username:password using the server control syntax, etc. Your ISP will help you with this function.
After that is accomplished, you then copy the information generated to your .staccess file, for example:
| Quote: | | Username:$ape1$ffjQf/..$eFRhzMqftcZULhj8B7k5m. |
That is ALL that is included in the .staccess file, one line only. The username is plain english or whatever your language is and the password is encrypted. There is no .staccess specific to just the forum that I am aware of.
Cheers |
| |
|
|
|
|
erick08
|
| Posted:
Tue Mar 31, 2009 6:51 am |
|
Cheers........ that is.....tq. Now how do I test? Can I test it? Just want to know......
TQ dad7732. |
| |
|
|
|
|
dad7732
|
| Posted:
Tue Mar 31, 2009 7:00 am |
|
First of all, in your Sentinel administration, Admin Auth has to be OFF. The path to the .staccess file must be correct. Also, the .staccess file permission must be set to 666.
With all that done, access your site's administrator acccount, eg.,:
http://www.yoursite.com/admin.php
If set correctly you will be presented with a login box, "Authentication Required". Enter the username and password that is included in your .staccess file and if correct you will then be presented with another login box where you enter your admin username and password that you entered when you initially set up RN.
Note:
In your .htaccess file, you must uncomment the following lines and include the path to the .staccess file, such as:
| Quote: | <Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted"
AuthType Basic
AuthUserFile /home/directory/directory/.staccess
</Files> |
Note the last line, that should be the path to the .staccess file starting from /root/ on your server and NOT a URL. |
| |
|
|
|
|
erick08
|
| Posted:
Tue Mar 31, 2009 8:25 am |
|
Hello dad7732,
First at all TQ,
Are the Admin HTTPAuth never turn it back?
What I mean to test is, test the protection admin in the forum? If I'm the hacker, how can I do this?
What u mean "entered when you initially set up RN" and how to setup?
TQ |
| |
|
|
|
|
dad7732
|
| Posted:
Tue Mar 31, 2009 8:46 am |
|
If your site is protected as mentioned, then the ENTIRE site, including the forum is under the same protection. The protection is site-wide, not just a specific module, etc. You can't get into the forum administration unless you're logged in as "Admin" from the beginning using the suggested method. |
| |
|
|
|
|
erick08
|
| Posted:
Wed Apr 01, 2009 1:38 am |
|
OK dad7732 the best...... Tq
But one more. I want to change my security cod to 8 digit. By now its 6 digit. How can I do it? 
TQ |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Wed Apr 01, 2009 10:11 am |
|
Please start a new topic for that. |
| |
|
|
|
Raven
|
| Posted:
Wed Apr 01, 2009 10:16 am |
|
erick08,
Actually if you search the forums we have already answered that |
| |
|
|
|
|
erick08
|
| Posted:
Thu Apr 02, 2009 2:36 am |
|
A... au... Yop Bos...
TQ |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
