| Author |
Message |
welshmark
New Member
Joined: Mar 27, 2009
Posts: 6
|
 Posted:
Fri Mar 27, 2009 3:08 pm |
|
Hi I am having a great deal of trouble accessing my site using my mobile phone.
When I try I get "Your Attention Please! You have attempted to access this site with an invalid User Agent."
Then it says
Be sure to include the following information in any email.
User Agent: none
Remote Access: 212.183.134.209
Client IP:none
Forwarded for:none"
I have no idea where to start resolving this issue.
The strange thing is I am using a Samsung F480V on the Vodafone network in the UK. Others with the same phone, network can access it fine.
Confused
Any help would be appreciated |
| |
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Fri Mar 27, 2009 7:00 pm |
|
Suggest you disable the NukeSentinel Harvester blocker or find the correct User Agent line that is blocked and remove it |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
welshmark
|
| Posted:
Sat Mar 28, 2009 4:12 am |
|
Thanks for your reply.
I tried disabling the Harvestter Blocker but it made no difference. I this disabled each in the list one at a time. Still no difference. I then disabled NukeSentinel and I could get in.
So Im stuck |
| |
|
|
|
|
nuken
RavenNuke(tm) Development Team
Joined: Mar 11, 2007
Posts: 2024
Location: North Carolina
|
| Posted:
Sat Mar 28, 2009 4:18 am |
|
Does NukeSentinel show your mobile IP as blocked? if so, remove it from the blocked list and try it again. |
_________________
Only registered users can see links on this board! Get registered or login! |
|
|
|
welshmark
|
| Posted:
Sat Mar 28, 2009 10:16 am |
|
No it doesnt. And its not in any blocked ranges
Thanks |
| |
|
|
|
|
floppydrivez
Involved
Joined: Feb 26, 2006
Posts: 340
Location: Jackson, Mississippi
|
| Posted:
Sat Mar 28, 2009 3:09 pm |
|
What mobile browser are you using? Any different from what others are using that can access it?
Could we protect the ip your phone uses from sentinel (if we know it)? |
_________________
Only registered users can see links on this board! Get registered or login!, Only registered users can see links on this board! Get registered or login!, Only registered users can see links on this board! Get registered or login! |
|
 
 |
|
welshmark
|
| Posted:
Sat Mar 28, 2009 5:33 pm |
|
I am using a Samsung F480V. I have no idea what the browser is. Strangely other F480Vs work perfectly well. I seem to have a dynamic IP address on it so presumably so does everyone else on the vodafone network. The guys at Vodafone have tried it and they have no problem either. It seems MY phone is disliked by NukeSentinel (or am I getting paranoid  )
I did try protecting the IP that I was using and then refreshing (Like i did when I disabled NukeSentinel) but that didn't work either 
Thanks |
| |
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
| Posted:
Sun Mar 29, 2009 8:47 am |
|
Sounds like there is some program on your phone that is masking your user agent. It is showing as "none", so I suspect that is why it is throwing this message. I know that there are PC based anonymizers which do this. Is there an equivalent running on your phone? |
_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! |
|
|
|
|
welshmark
|
| Posted:
Sun Mar 29, 2009 12:34 pm |
|
No nothing like that. This is a new phone. I have not added any software to it yet.
Is there a way to set NukeSentinel to accept none in the User Agent?
Thanks |
| |
|
|
|
|
montego
|
| Posted:
Tue Mar 31, 2009 6:40 am |
|
Although I do not advocate this change as the issue is with your phone or provider and not NukeSentinel, but it is up to you. You can comment out the following code within includes/nukesentinel.php and probably get rid of that problem for you (but essentially get no "invalid user agent" checking any longer... period.):
Code:
// Invalid user agent
if(($nsnst_const['user_agent']=="none" AND !stristr($_SERVER['PHP_SELF'], "backend.php") AND ($nsnst_const['remote_ip'] != $nsnst_const['server_ip'])) || $nsnst_const['user_agent']=="-") {
echo abget_template("abuse_invalid2.tpl");
die();
}
|
|
| |
|
|
|
|
welshmark
|
| Posted:
Tue Mar 31, 2009 3:27 pm |
|
That sounds like the thing I was looking for. Before I do it though it sounds like there are some risks involved with this method. Could you tell me what the problim is and what the likely effect of doing this would be.
Many Thanks
Welshmark |
| |
|
|
|
|
montego
|
| Posted:
Thu Apr 02, 2009 6:41 am |
|
The problem is that something is blanking out your User Agent on either the phone end or somehow with the provider. That is the bottom line.
The likely effect of the above change is that you will no longer have this check done any longer, so basically any user agent at all can access your site, including one without. This check helps to reduce the number of automated programs checking your site for exploits. However, how much is that worth these days? I would suspect that most hackers/spammers have wised up by now and are providing valid (faked) user agents, so just how much is it stopping? Not sure.
Although I haven't checked out all the related code, I suspect that this will not stop the Harvestor Blocker's functionality, so you may not lose that. |
| |
|
|
|
|
horrorcode
Involved
Joined: Jan 17, 2009
Posts: 272
Location: Missouri
|
| Posted:
Fri Apr 17, 2009 5:51 pm |
|
I have a question along these lines. This is the user agent:
| Quote: | | Mozilla/3.0 (compatible; WebCapture 2.0; Auto; Windows) |
Is Mozilla/3.0 really a known harvester? I would assume it has to be correct but, is there any chance of users running under this agent?
Same goes for WebCap, botsvsbrowsers.com says it is not a bot, sentinel says it is. Tested the agent and sure enough sentinel is blocking IPs under that agent.
Reason I ask is I get hits like this one that look valid:
| Quote: | User Agent: Mozilla/3.0 (compatible; WebCapture 2.0; Auto; Windows)
Query String: name=Forums
Get String: name=Forums
Post String: Not Available |
But dont want to allow all harvesters, for example some are libwww-perl... Any suggestions? |
| |
|
|
|
|
bluerace
Regular
Joined: Apr 04, 2009
Posts: 85
Location: Behind you
|
| Posted:
Fri Apr 17, 2009 6:07 pm |
|
I had had similar experience.
In my memory, I changed my mobile and it worked.
I guess the firm ware on your mobile should be upgraded or changed.
I couldn't figure out my similar problem but it works now. |
_________________
Make stupid PHP-NUKE Smart, that's my favorite chore in Only registered users can see links on this board! Get registered or login! |
|
|
|
|
spasticdonkey
RavenNuke(tm) Development Team
Joined: Dec 02, 2006
Posts: 1693
Location: Texas, USA
|
| Posted:
Sat Apr 18, 2009 8:25 am |
|
if you end up disabling user agent checking in nukesentinel, you could add some blocking in htaccess to regain some protection. This is not a current list so you might want to reseach, but heres the basic idea:
Code:RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]
|
|
| |
|
|
|
|
horrorcode
|
| Posted:
Sat Apr 18, 2009 1:53 pm |
|
For now I have the harvester blocker set to 1 day instead of permanent, and disabled it saving to htaccess. I've been trying to watch close enough and it seems 99% of the agents/IPs that are blocked are one time visits, so it might not be much of an issue, still curious though.
spasticdonkey, If I were to go that route, would that mean using the above by montego? Or would I remove all the harvesters, or just disable the harvesters blocker?
What does the last line do,
| Quote: | | RewriteRule ^.* - [F,L] |
|
| |
|
|
|
|
spasticdonkey
|
| Posted:
Sat Apr 18, 2009 8:18 pm |
|
adding that to your htaccess will block those user agents before they even get to sentinel. so you can use it either way, but i think it's a good idea if you use montego's edit.
and the last line blocks access for the above agents 
this is a good site with examples of things you can do with htaccess
http://www.evolt.org/ultimate_htaccess_examples |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
