NS w/o .htaccess & .staccess?

Involved Joined: Dec 27, 2005 Posts: 296

I've just uploaded RavenNuke7.6 w/NS and have a question I didn't see addressed anywhere. My IP won't let me upload .htaccess and .stacces files to be used with NukeSentinel. I know the easy quick answer is to move to a less crappy server, but in the meantime, how should I proceed? Is there a way around this? Would NS even be of any value if these files weren't accesible, if so, what level of protection would NS still provide?
If I can't use NS without these files, period; then how secure is just the RavenNuke 7.6 alone?

Thanks.
srhh

P.S. Thank you for all the great work!!!

{{EDIT}} I can only see/access the CGIAuth and OFF from my admistration panel thing in Sentinel if that helps...

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Are you sure they won't let you upload those or are they just not showing up when you look for them? .staccess can be renamed but .htaccess is an Apache requirement.

Posted: Tue Dec 27, 2005 12:55 pm

This is the log from my FTP after trying to upload them:

Remote file exist check: '.htaccess'.
SIZE .htaccess
550 Permission denied on server. You are restricted to your account.
TYPE I
200 Type set to I.
PASV
227 Entering Passive Mode (0,000,000,00,000,000)
Opening data connection to xx.xxx.xxx.xx Port: 59247
STOR .htaccess
553-The name you specified is not allowed.
553-Names must contain only ASCII letters (a-z,A-Z), digits (0-9), underscore, dot and dash.
553-Names must not start with a dot (.) or dash (-).

Posted: Tue Dec 27, 2005 1:10 pm

I just checked my terms of service with my host and .htaccess is not allowed to upload. They have their own custom error pages and password protection. But I searched for .staccess in the terms and help and didn't see anything. The host is Yahoo, btw. I know *gasp!*. But the good news is the the 7.6 patched upgrade does in fact work with Yahoo hosting. Even the forums run ok...so far. (For others on Yahoo reading this, you'll have to upload the no mail hack for user registrations though...and for gods sake, do not use SmartFTP when uploading nuke files to Yahoo!!..you'll have more bugs in nuke than a hooker with head lice! I used WSFTP and it worked like a charm, and saved me a few hours too)

You said I can rename the .staccess file? How would I go about doing that and how would I direct Sentinel to it?

Posted: Tue Dec 27, 2005 2:41 pm

That's just the problem. If CGI Auth is your only option, then you must use .htaccess to direct to .staccess or whatever you want to call it - at least the way it's all written right now. I don't have a work-around for you because we have never had a host that didn't allow this. BTW, I have checked Yahoo's hosting prices and I think I can do better if you're interested.

Posted: Tue Dec 27, 2005 4:39 pm

Crap.

Thanks for the info. So does this mean that without the .htaccess files, Sentinel is just dead weight?

I'll look into your hosting and see whats up. I really like everything else about Yahoo hosting though, particularly the no setup and 50% off hosting. kaching!

But, you get what you pay for? I am going to contact tech support and ask when they will allow .htaccess uploading.
If (or more likely, when) I change over from Yahoo, will your patched 7.6 offer enough basic security to get through the time? (I'm very new to Nuke, if ya didn't figure that one out already:)

Posted: Tue Dec 27, 2005 4:52 pm

What you lose without the CGI Auth is the double protection of the admin.php file. The rest is hardly "dead weight" Wink

Posted: Wed Dec 28, 2005 9:01 pm

Cool. Good to know. I have another question. Do you think that by making any of the nuke sentinel blocks visible, does that only serve to invite more problems than it may prevent?

Posted: Wed Dec 28, 2005 9:10 pm

Not really, imo.