Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Admin CGIauth issues
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Author Message
boored
New Member
New Member



Joined: Nov 26, 2006
Posts: 16
PostPosted: Tue Nov 28, 2006 1:05 am Reply with quote
NukeSentinel(tm) 2.4.2pl5 from 7.6 distro pack
Cant access admin.php, it wont accept my user/pass.

Been testing a lot, get 500error and no login when the paths obviously are wrong, when they are correct i get the login, but it wont accept user/pass, and sends me to 401error instead.

been reading a lot around and trying several things, but my problem seems to be different to others out here....

htaccess Path:
Normally: e:\servers\xampp\htdocs\.htaccess

staccess Path:
Normally: e:\servers\xampp\htdocs\.staccess

those seem to be correct, when:
Build CGIAuth file: e:\servers\xampp\htdocs\.staccess
writes the auth login: crypted password

also tried ../htdocs/.staccess, which works also for writnig to .staccess(this is the path that other htaccess files contains in other directorys)....and a lot of others stuff. Xampp htaccess contains the longer E:\serv.. path and is working for xampp contoll access.

i run the testcode to find real path, which also repported e:\servers\xampp\htdocs\.staccess

i have not seen any problems like mine with local file system rapported, starting to wonder that there is something wrong with my server... :/
running xampp 1.5.5 pack on winXP

Since i have access to my own server settings, is it possible to activate Http Auth instead, so i could try that?

EDIT: could this problem come from that i am not running my server on standard 80 port?
 
View user's profile Send private message
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA
PostPosted: Tue Nov 28, 2006 10:22 am Reply with quote
In my xaamp test environment, I don't even bother with .htaccess or .staccess. I just deleted them. I'm just using it as a test bed on my home PC for my live site and no security is needed. Do you need them in your situation?

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
boored
PostPosted: Tue Nov 28, 2006 10:51 am Reply with quote
Well, not that much security is needed i guess, i just have an extra computer runnig teamspeak2-, jabber-servers etc ... and thought i would add an site, just for friends....so i dont think i would need much security...but yes, you can access it from outside... i can always disable admin auth... but it is annoying me anyway...that i cant get it to work Very Happy

when i replace nukesite with a simple html-site it works: the user:password in plain text as it is under standard Xampp installation
...something with password crypting?

i am totally lost why the paths show: e:\servers\xampp\htdocs\.staccess (both locally and from outside) since everyone else seems to have a path like /home/xxx/yyy/.staccess

EDIT: maybe i should add: server computer is running behind a router, been testing both locally(http://localhost:xxxx/...), and from outside with same results
 
Gremmie
PostPosted: Tue Nov 28, 2006 11:56 am Reply with quote
Ok...I'm afraid I don't have experience with that enough to help. I did think though that it was not advised to run a real site on the internet with xampp. By default it has every security door wide open (it's really meant for development).
 
boored
PostPosted: Tue Nov 28, 2006 12:12 pm Reply with quote
Yes, by deffault its open, but been changing all to secure in settings, in xampp controll panel(and its behind a router, with only a non standard http port forwarded for apache.)

....exept for PHP, its not running in safe mode, do i need to change that? its just me that is messing around on the server, no other webhosting etc. shouldnt be a problem if noone else can upload scripts?
 
boored
PostPosted: Tue Nov 28, 2006 1:49 pm Reply with quote
Ok, now been testing some more.....

edited the password to plain text in .staccess. and its working....
or if it is in crypted form in .staccess i have to use exactly the crypted string as password

so surely i have messed something up with the password in crypted form, just cant figure out what...

EDIT: doesnt seem to mather if i have in NS ACP Admin Auth set to Off or CGIAuth, same result...the password need to be typed exactly as in .staccess in both cases

EDIT2: After some more testing i gave up for now, i decided to switch NS Admin Auth off, and use standard .htaccess files in apache with passwords-file in plain text, since i cant get NS crypted passwords to work anyway.
Is there a big differnce between crypted and the way i did it now? I have the password file in standard ../htdocs/forbidden directory, just copying the .htaccess file to ../forum/admin and root-directory(where protecting admin.php only).
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©