You are using an Invalid IP to access this site!

registered · Posted: Wed Dec 21, 2005 7:17 pm

Ok. I am now racking my brain. The above topic subject is the result I am getting now for every access to my test domain and this are the steps I followed to get there! Laughing

1) Installed RavenNuke76 distro on my local machine

2) Configured everything and validated that it worked great so I would have a reference instance if needed

3) Installed RavenNuke76 on my new domain (production) and did the same.

4) Validated that everything was working great, including HTTP Auth, etc.

5) Took a mySQL dump of the production database using phpmyadmin (included the DROP TABLES option).

6) Downloaded the dump to my test domain and used installSQL.php (BigDump) to chunk my production version back into my test version (I have always done this to ensure my test system is often sync'd with production).

7) I use a special SQL file to run and change the ACP domain/url's, turn off HTTP Auth (Its my test system!) and to delete everything from nuke_nsnst_blocked_ips.

I have done this same procedure over and over and over again on my 7.5 sites (with the one exception being BigDump).

Now, I cannot seem to find out to correct this issue. I am assuming that it has to be a DB thing because the script files should be identical. I tracked it down to get_ip() function in nukesentinel.php but cannot figure out why it is not getting a valid IP????

I am losing it. Any ideas? What stupid, simple item have I overlooked?

TIA!
montego

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

This has been documented since day one so I am enjoying this remedial education killing me

Rather than take the time to point you to this post or that post, simply edit includes/nukesentinel.php. On or about line 140 find

// Invalid ip check
if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }

and comment it out Wink

Posted: Thu Dec 22, 2005 6:41 am

Raven,

I specifically searched for "Invalid IP" and for "INVALIDIP" and found nothing. Also, not sure why this has never been a problem for me before. I have NEVER had to comment out any code before and I've been doing this same process for many moons :moon:

I believe in keeping my script files exactly the same in test and production and that is why I am concerned with this approach.

Here is my code from Montego Scripts test and production system:

// Invalid ip check
if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }

Any ideas on what might have changed locally to cause this? I didn't really understand the get_ip() function that well to figure out why this is now doing this.

Thanks!

Posted: Thu Dec 22, 2005 6:43 am

Also, please remember that I had it all working before I rebuilt my test database from production!

Posted: Thu Dec 22, 2005 7:11 am

Ok, I take back my :moon:

because right here in the RavenNuke76 installation README are these lines:

If you receive this message:
"You are using an Invalid IP to access this site!", that usually means you are testing this on a localhost PC (IP 127.0.0.1). Technically, in a production environment, that IP can't exist. So, NukeSentinel(tm) flags it as an error. To fix it, see below. But you must remember to change it back when you load this to your production site.

In includes/nukesentinel.php on or about line 140,
FIND
// Invalid ip check
if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }

CHANGE TO
// Invalid ip check
//if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }

HOWEVER, I still want to understand why I have never had to do this before on any of my test installations on my local PC until this new one built using RN76 AND only after I rebuild the database from production. It does not make any sense to me.

Posted: Thu Dec 22, 2005 7:31 am

Ok. I have created a solution for me that I can "live with". My requirements:

1) To ensure that my nuke scripts in TEST/DEV can match perfectly to PROD

2) To ensure that I don't forget (because I have a lame memory already) to uncomment / change code before I promote to PROD

Here was the solution that I came up with:

1) Added a new file to the root of my nuke system in TEST/DEV only:

TESTSYSTEM_DO_NOT_PROMOTE

2) Added the following lines to my config.php script:

if ( @file_exists( "TESTSYSTEM_DO_NOT_PROMOTE" ) ) {
define("__TESTENV__",true);
}

3) Modified includes/nukesentinel.php, the lines in question, to:

if ( !defined('__TESTENV__') ) {
if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }
}

Now, all I have to "worry" about is this one file and it stands out so strongly "DO_NOT_PROMOTE" that I cannot possibly miss it when trying to do a mass FTP of my entire TEST / DEV system to PROD.

I would appreciate any and all comments on this approach.

TIA,
montego

Posted: Thu Dec 22, 2005 10:12 am

Just to name a few:
http://www.ravenphpscripts.com/postx6223-0-0.html
http://www.ravenphpscripts.com/postx5351-0-0.html
http://www.ravenphpscripts.com/postx4985-0-0.html
http://www.ravenphpscripts.com/postx4963-0-0.html

I have always had to do this so I don't know what to tell you. That's why I included that note in the README. I have never been able to have the same scripts in that regard. Obviously, if you have set remote_ip to something other than null/none, then you would not have had this issue. Did you recently upgrade your server or firewall? That would be the only thing I can think of because that code has been in NukeSentinel(tm) for a long time.

Posted: Thu Dec 22, 2005 10:16 am

Raven, I have no idea why my own search criteria mentioned above did not find these hits... my batting percentage is just gone into the toilet these days. Bang Head

Posted: Thu Dec 22, 2005 10:22 am

I searched for the _AB_INVALIDIP error message. But stop worrying about it. My "remedial" comment was meant in pure jest but I don't think it came across that way. Sorry.

Posted: Thu Dec 22, 2005 5:35 pm

Raven wrote:

I searched for the _AB_INVALIDIP error message. But stop worrying about it. My "remedial" comment was meant in pure jest but I don't think it came across that way. Sorry.

Nope. Wasn't taken bad. Just frustrated with myself. I searched for INVALIDIP at the time and found nothing. I guess I assumed it would find anything within the text not just words that match. Oh well. I just hate wasting your time as you are a busy man...

Posted: Fri May 26, 2006 8:40 am

I just had a user report this same thing to me. I just want to make sure I understand this completely. All I need to do is comment out the line at about line 140 and that takes care of the problem. Okay, I will do that as I found the code mentioned.

Just wondering now more than anything, as this is the first time with this message, what causes it? Confused

Posted: Fri May 26, 2006 11:39 am

Before u comment those lines of code out..make sure your ip2country is upto date...if not that may be blockin them, just a formality..it may not be the issue at all.

Posted: Fri May 26, 2006 11:51 am

In this case, the IP was a good address from InsightBB and a US address. That range was in the ip2country list.

However, this does bring up an interesting question. I have noticed that when I search for some addresses, they do not show up in the ip2country. How should these be handled???

Also, is there an updated ip2country file???

Posted: Tue May 30, 2006 3:49 pm

I have not been able to resolve this issue with one user. Updated ip2country and ran the sql suggested by raven to add recently released ip address' and he still can't get in. He also claims he doesn't even know what ip masking software is so I doubt he is using it.

Posted: Tue May 30, 2006 9:31 pm

Have you asked him what IP address he is using and compared that IP to your tables?

Posted: Wed May 31, 2006 1:10 pm

Yes, and (according to him) the IP is not only listed, but he has connected in recent past (last month) from that IP. I think he gave up since I have not heard from him in a couple weeks. Thanks for you help.

New Member Joined: Jul 14, 2005 Posts: 20

hello..

i have the nuke sentinel 2.2.0. For a reason i have the same problem with an online page. I can't have access and i am admin there :S
i can't find my ip to delete it!

could you help me please?

thank you in advanced

Posted: Thu Jun 15, 2006 4:54 pm

first off..u might want to update ur nuke sentinel version.

Then make sure ur edits in the admin.php are made correctly.

also check to see if u have admin authorization written to the .staccess..if not rerun the install script.

Posted: Fri Jun 16, 2006 2:42 pm

well, that i done is to add the slash "//" and then to go on the menu of sentinel->reserved ip and i deleted the range of my ip 89.x.x.x
Next, i delete the slash and everything ok!

is any wrong with that?

Posted: Fri Jun 16, 2006 8:17 pm

the //?

can u tell me where u added those?

Posted: Sat Jun 17, 2006 7:26 am

darklord, it was to comment out the line in nukesentinel.php for the invalid IP check.

Posted: Sat Jun 17, 2006 7:29 pm

ohh i dont know why i missed that Laughing

nope...sounds like u did it all correctly.

Hangin' Around Joined: May 13, 2005 Posts: 26

Raven,

I have a Question, after reading, im getting users recently having this problem just recently,

My Question, Would REMing out this line on the Live Site leave me open to any sort of attacks or is it safe to disable it with the site on a Live Server?

registered · Posted: Thu Aug 24, 2006 12:54 pm

It would not open an holes, rather it is a protective measure. I really would suggest loading the IP2Country tables if you can

Posted: Tue Oct 03, 2006 6:53 am

Have you checked to see if there a new files out on http://www.nukescripts.net for IP2C. Bob tends to post those quite frequently, so there may have been updates since 2.5.02 was released.

Are you really using RN 1.x? If you are using RavenNuke 2.02.02, there is a switch in config.php that you can set to TRUE to bypass the invalid IP check. You may even be able to add this line to your config.php anyways if you are running 2.5.02:

$bypassNukeSentinelInvalidIPCheck = TRUE;