You have attempted to access this site with an invalid IP

Posted: Sat Jul 25, 2009 6:00 pm

Greetings good people,

I know this topic is in here. I just lost a $2500.00 shopping cart sale because a person who has never visited my site could not access my site. He kept getting the white screen (formerly the black screen). I have typed about this before. I have a client who can access his site however he cannot get into several other portals.

I was on the phone with this individual while he was trying to get into my main website, clearing his cookies did not resolve the problem he is experiencing.. He is a referral from another client. Long story short he decided not to hire me because if he can't get to my site he figures his site will be unvisitable too. He had no problems accessing other portals that I have up however he could not get into the two I needed him to see.

He was on a laptop. Most of the folks I know of who have had problems accessing my sites seem to be using laptops. I saw the error message myself as I am shopping for a laptop and the Sprint/Nextell air card delivered me the error message while the Verizon air card did not. I know that most folks have no problems accessing any of my sites however I cannot help wondering how many other sales I may have missed.

I am at a loss for what to do. Any suggestions. I sure could have used that sale. Do I have something configured wrong in the sites in question? My portals are standard out of the box installs. I do modify the themes to suit the clients and I do create custom blocks and modules as required. The two sites he could not see are running a modified Deep Blue and a modified Sunset theme. My main portal was originally installed April 1, 2007. It has been upgraded each time a new release has come out and is currently running RavenNuke_v2.30.01. I use the Adobe CS4 Premium Web Suite for my tools. Comments? Suggestions?? Solutions? Thanks in advance for your help.

RavensScripts

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

What is the error message that you say you saw?

Posted: Sat Jul 25, 2009 10:31 pm

I'll have to go back to the store I was in and revisit through the computer I saw it on.

RavensScripts

Posted: Sat Jul 25, 2009 10:37 pm

Here is a copy I received from one of my clients a while back. They too are using a laptop. I do not know who their carrier is though.

You have attempted to access this site with an invalid IP.

If you think this is a mistake you can contact the site webmaster at abc(at)abcdef(dot)com.

Be SURE to include the following information in any email!
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; FBSMTWB; .NET CLR 1.1.4322)
Remote Address: xxx.xxx.xxx.xxx
Client IP: none
Forwarded For: none

--------------------------------------------------------------------------------

PLEASE: bear in mind that even if you have done nothing wrong, you may be getting this page due to someone's misuse of the site in your ip range

Hiya Raven!

RavensScripts

Posted: Sat Jul 25, 2009 11:29 pm

It's not a laptop issue. You see the You have attempted to access this site with an invalid IP. and the Client IP: None and the Forwarded For: none messages? That's the issue. One way or another, intentionally or not, they are not sending a valid IP. To NukeSentinel(tm) that is a cause for alarm as there is no way to trace an attack. And we realize that even if an IP is supplied the IP could be forged. But no IP at all is deliberate, whether or not on the part of the user.

However, we have allowed for you to override this behavior. In rnconfig.php change this setting
FROM:
$bypassNukeSentinelInvalidIPCheck = false;
TO:
$bypassNukeSentinelInvalidIPCheck = true;

Posted: Sun Jul 26, 2009 12:45 am

I xxxed out the IP addy and my email addy however I will change the code for sure. My thanks Raven. As always I am and will continue to be a dedicated RavenNuke(tm) user and fan!

RavensScripts

Posted: Sun Jul 26, 2009 4:59 am

jlajax, have you updated your IP2C tables?

Posted: Fri Sep 04, 2009 3:15 pm

$bypassNukeSentinelInvalidIPCheck = true; // This should only be used (set to "true") when testing locally and not in a production environment did not fix the problem a client just calledand said he couldn't get to my site. I went to the lptop that was giving me the problems at the sprint store and it still cannot get to my site. Any other suggestions? I am fixing to look for instructions on how to update the IP2c tables.

While I was at the sprint store I looked at the rest of my sites and one other one is having hte same problem a my site. The other sites I have displayed just fine.. Suggestions.
RavensScripts

Posted: Fri Sep 04, 2009 5:51 pm

Check your server error messages and see what message he is receiving. If that setting is set to true then it's something else and you'll need an error message to track it down.

Posted: Sat Sep 05, 2009 4:39 pm

jlajax wrote:

While I was at the sprint store I looked at the rest of my sites and one other one is having hte same problem a my site. The other sites I have displayed just fine.. Suggestions.
RavensScripts

Are all these sites on the same server?

Posted: Wed Sep 09, 2009 10:14 pm

No, The one thing all of the computers that are failing have in common is they are on wireless. I am unable to get to my site now myself. I just moved and am on a Cable modem wireless setup. The rest of my sites seem to be working fine. Mine is the only one I cannot get into. I also tried from two other clients computers today, one of them got in fine one of them did not. The one that could access the site was hardwired to a comcast cable modem the one that could not was wireless to comcast. I am at a loss for what to do at the moment. I will access the server logs for error messages as soon as I can. I am having issues in my new place connecting to the Internet period. Soon as I get it resolved I will access the server logs and post them here.

I know that Raven stated that wireless does not make a difference however the one thing the computers have in common that are failing (that I am aware of) are wireless connections.

RavensScripts

Posted: Thu Sep 10, 2009 2:47 am

I asked because I have had similar problems. My own issue was related to the server mod_security rules which is using a blacklist look up from some of the major blacklist providers and my d*** ISP keeps periodically dropping my connection and re-assigning me a new IP, which is blacklisted grr.
I'm in the process of moving house so hopefully that will soon be cured.

Posted: Thu Sep 10, 2009 6:41 am

Here is what I am showing in the error logs from the server.

[Thu Sep 10 05:35:52 2009] [notice] cannot use a full URL in a 401 ErrorDocument directive --- ignoring!
[Thu Sep 10 05:36:00 2009] [notice] cannot use a full URL in a 401 ErrorDocument directive --- ignoring!
[Thu Sep 10 05:36:01 2009] [notice] cannot use a full URL in a 401 ErrorDocument directive --- ignoring!

You have attempted to access this site with an invalid IP.

If you think this is a mistake you can contact the site webmaster at (removed)com.

Be SURE to include the following information in any email!
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)
Remote Address: 98.231.124.249 <== this is the IP addy that appears if I go to a working site for my location
Client IP: none
Forwarded For: none

--------------------------------------------------------------------------------

PLEASE: bear in mind that even if you have done nothing wrong, you may be getting this page due to someone's misuse of the site in your ip range

Bang Head

Posted: Thu Sep 10, 2009 6:45 am

**********************************************************************************/
$bypassNukeSentinelInvalidIPCheck = true; // This should only be used (set to "true") when testing locally and not in a production environment
$bypassInstallationFolderCheck = false; // This should only be used (set to "true") when testing locally and not in a production environment

/*********************************************************************************

Left out this. It is from the rconfig.php file.

RavensScripts

Posted: Sat Sep 12, 2009 11:41 pm

jlajax wrote:

Here is what I am showing in the error logs from the server.

[Thu Sep 10 05:35:52 2009] [notice] cannot use a full URL in a 401 ErrorDocument directive --- ignoring!
[Thu Sep 10 05:36:00 2009] [notice] cannot use a full URL in a 401 ErrorDocument directive --- ignoring!
[Thu Sep 10 05:36:01 2009] [notice] cannot use a full URL in a 401 ErrorDocument directive --- ignoring!
Bang Head

I just noticed this. The .htaccess file that ships with RavenNuke(tm) is:

Code:

ErrorDocument 400 /modules.php?name=ErrorDocuments


ErrorDocument 401 /modules.php?name=ErrorDocuments


ErrorDocument 403 /modules.php?name=ErrorDocuments


ErrorDocument 406 /modules.php?name=ErrorDocuments


ErrorDocument 500 /modules.php?name=ErrorDocuments

Have you modified yours to point to a full URL? If so you can't do that. That's an Apache rule and has nothing to do with the application.

Also, have you checked with your host to verify that your IP is not being blocked anywhere?

Posted: Sun Sep 13, 2009 12:59 am

I have disabled the .htaccess file and emptied the nsnst_blocked_ips tables. I have cleared the cookies. I have treied everything I can thinkof and I am unable to get to the site. It is puzzling the begeebies out of me. What I truly don't understand is it is this one site. I have several RavenNuke(tm) portals up and running and the others are easily available like always. Me I am simply lost without a clue. The only thing that has changed on my end is I moved and am now on a wireless LINKSYS CISCO home network which allows me to visit any other portal I have up and running. It sure is curious.

RavensScripts

Posted: Sun Sep 13, 2009 1:11 am

If you have disabled the .htaccess and are seeing that Notice then look in your Error Documents area of your Control Panel. If you have Custom Error Documents check to verify that you aren't using full URL's. That's a separate issue.

Now, if you are able to visit other RN sites, via wireless, and you can even get to your "blocked" site via http://proxify.com, then I don't see any way possible that it's an RN issue. It may be an setup issue of some kind, but it's not an application issue.

Does the server that hosts the problem site host any other RN sites? If so, can you access the other sites on that server? If so it is not an application issue.

Have you tried turning NukeSentinel(tm) off?

Posted: Sun Sep 13, 2009 1:32 am

Yes the server that hosts the problem site has several RN sites on it. Yes I can get to the blocked site with www.proxify.com. Yes I can get to my other sites on the same server. Again the only thng that has changed is I moved. I still have the same ISP. I am lost for sure. I also sincerely appreciate your time, interest and assistance.

RavensScripts

Posted: Sun Sep 13, 2009 1:34 am

From my last post: Have you tried turning NukeSentinel(tm) off?

Posted: Sun Sep 13, 2009 11:11 am

I cannot get to the Nuke Sentinal Admin Panel. I am unable to get beyone the splash page. Any page I try to go to I get the invalid IP message. I have tried.

RavensScripts

Posted: Sun Sep 13, 2009 11:41 am

In includes/nukesentinel.php comment out the following lines 123-131:

Code:




// Invalid ip check


if (@$ab_config['test_switch'] == 1) {;} //Site is in TEST Mode so skip the ipCheck


elseif (isset($bypassNukeSentinelInvalidIPCheck) AND $bypassNukeSentinelInvalidIPCheck===true) {;} //Site is NOT in TEST mode but $bypassNukeSentinelInvalidIPCheck is set to TRUE so skip the ipCheck


else { //Site is NOT in TEST Mode and $bypassNukeSentinelInvalidIPCheck is either not set or it is set to FALSE so do the ipCheck


  if($nsnst_const['remote_ip']=="none") {


    echo abget_template("abuse_invalid.tpl");


    die();


  }


}

Posted: Sun Sep 13, 2009 11:57 am

jlajax wrote:

I cannot get to the Nuke Sentinal Admin Panel. I am unable to get beyone the splash page. Any page I try to go to I get the invalid IP message. I have tried.

RavensScripts

Right - sorry. Use phpMyAdmin and edit the nuke_nsnst_config table. Change the disable_switch to 1 (one). That will disable NS. I am trying to narrow down where the message may be coming from. I mean I know NS is where but I want to take NS off the table.

Posted: Sun Sep 13, 2009 2:34 pm

Thank you so much Raven. I am in!! Your the best

RavensScripts

Posted: Sun Sep 13, 2009 4:53 pm

Ed,

Plop, plop, Fizz, fizz;
Oh what a relief it is ...
Okay, how many remember that jingle killing me

Since taking over ownership of NukeSentinel(tm), I and the Team have made several changes to nukesentinel.php. The replacement code that fixed yours wasn't (specifically/necessarily) fixed to correct a known problem you and others are/were having ROTFL

, but it has been wrong for quite a while. For one reason or another, prior to becoming the maintainer of the code, that logic was changed from what I had originally provided and what we had been using. I found & corrected it back on 1/17/2009! I guess here's a very good argument for more frequent releases
HitsFan

So, at least two birds were killed with one stone and, unfortunately for me, one of them was a crow and I'll happily eat it publicly Wink

. I know better than to be so adamant about "what it isn't", but I did it anyway Rolling Eyes

. Also, thank you for not only staying on me about this, but for exhibiting the diplomacy skills in spite of the circumstances!

Here is the corrected code for any others having this problem. It will be in the RavenNuke(tm) v2.40.00 release Wink

Edit includes/nukesentinel.php and replace this section of your code.

Code:

// Invalid ip check


if ($ab_config['test_switch'] == 1) {;} //Site is in TEST Mode so skip the ipCheck


elseif (isset($bypassNukeSentinelInvalidIPCheck) AND $bypassNukeSentinelInvalidIPCheck===true) {;} //Site is NOT in TEST mode but $bypassNukeSentinelInvalidIPCheck is set to TRUE so skip the ipCheck


else { //Site is NOT in TEST Mode and $bypassNukeSentinelInvalidIPCheck is either not set or it is set to FALSE so do the ipCheck


  if($nsnst_const['remote_ip']=="none") {


    echo abget_template("abuse_invalid.tpl");


    die();


  }


}

Posted: Sun Sep 13, 2009 5:05 pm

Palbin wrote:

In includes/nukesentinel.php comment out the following lines 123-131:

Code:




// Invalid ip check


if (@$ab_config['test_switch'] == 1) {;} //Site is in TEST Mode so skip the ipCheck


elseif (isset($bypassNukeSentinelInvalidIPCheck) AND $bypassNukeSentinelInvalidIPCheck===true) {;} //Site is NOT in TEST mode but $bypassNukeSentinelInvalidIPCheck is set to TRUE so skip the ipCheck


else { //Site is NOT in TEST Mode and $bypassNukeSentinelInvalidIPCheck is either not set or it is set to FALSE so do the ipCheck


  if($nsnst_const['remote_ip']=="none") {


    echo abget_template("abuse_invalid.tpl");


    die();


  }


}

jlajax wrote:

Thank you so much Raven. I am in!! Your the best

RavensScripts

Also note that Palbin was on the same track. I didn't even notice his post because you and I were fighting this on 2 fronts - here and via email. Just goes to show that great minds think alike!