Answer | ||
What is NukeSentinel™? NukeSentinel™ 2.0 is the premier security enhancement for websites using the PHP-Nuke content management system. NukeSentinel™ does this by validating all database requests made through standard PHP-Nuke methods (that is, through the mainfile.php functions).
NukeSentinel™ was written by: What NukeSentinel™ is NOT NukeSentinel™ will NOT prevent server-level attacks such as Denial of Service (DoS) attacks. It also will not prevent attacks on other applications or modules that do not use standard PHP-Nuke methods for accessing the database. [ Back to Top ] |
Answer | ||
Why Do I Need NukeSentinel™? PHP-Nuke and PHP-based websites in general have been susceptible to various types of improper access and defacement via techniques like cross-site scripting (XSS), SQL injection, and others. The worldwide popularity, modular design, public access to all source code and database design, and multiple public support websites are both a blessing and a curse to the hundreds of thousands of web masters using PHP-Nuke-based websites.
Unlike those of proprietary systems, PHP-Nuke's security flaws are available for all to see. These flaws are further exaggerated by similar issues with both PHP itself and the commonly used open-source database MySQL, which is used by the majority of PHP-Nuke websites. This volatile mix has given birth to a plethora of web “gangs” - teams of (usually young, attention-seeking) miscreants (often referred to as “script kiddies”) who use published attacks on PHP-Nuke web sites. Since the majority of these attacks are attempts to gain improper access to the PHP-Nuke database, NukeSentinel™ can provide a highly effective level of protection. [ Back to Top ] |
Answer | ||
How do I install NukeSentinel™? Follow the instructions in the README.txt file that is included in the distribution.
In a nutshell: [ Back to Top ] |
Answer | ||
How do I configure NukeSentinel™? From the installation script (nsnstp.php), click the Goto NukeSentinel™ Admin link. From the Admin page, select the NukeSentinel™ link.
You will likely notice many red circles with a question mark inside (). You can click these for more information or explanations about the setting or link next to the circle. The NukeSentinel™ Administration menu is displayed on all NukeSentinel™ administration / configuration pages. It contains links to: The NukeSentinel™ Administration is displayed. On this page, you can set: Selecting NukeSentinel™ Configuration displays the configuration menu, where you can set options for the following blockers: Each blocker has its own: The Activation Level can be to one or more of the following: Some blockers require additional information. You must specify a list of harvesters, referers, request methods and strings to block attacks using these techniques. A default list is installed for harvesters and referers. It is important to understand that NukeSentinel™ will prevent improper access regardless of the blocker settings, with the exception of referers and harvesters. The blocker settings simply specify what, if anything, else NukeSentinel™ will do when an attempt to gain improper access occurs. [ Back to Top ] |
Answer | ||
Should I use .htaccess or the NukeSentinel™ database or both to block IP addresses? Actually, the database is used by default. If your server runs Apache AND you choose to set the configuration such that your .htaccess path is defined AND you set the configuration for one or more blockers to use .htaccess, it will add blocked IPs to both your database and the .htaccess file.
Since your server (again, assuming you have Apache) checks the .htaccess file BEFORE allowing access to your website, you can prevent access from specified IPs at the server level. If you do not block at the server level via .htaccess, NukeSentinel™ will look at the database to determine which will be blocked. If you have a high volume site, you might prefer to use the .htaccess since that method will require less effort than having PHP-Nuke via NukeSentinel™ check the database. One disadvantage of using the htaccess is that it adds another layer of complexity to what NukeSentinel™ does. If NukeSentinel™ doesn't correctly update the .htaccess file, it could cause server errors and prevent all access to your site. I experienced this when manually adding blocked IPs, but I simply edited the .htaccess file and removed the bad characters to correct. If you don't have a high volume site or you don't feel comfortable editing the .htaccess file (it's pretty straightforward, I think, and you most likely won't need to do so), I'd suggest just using the database (i.e. let NukeSentinel™ do the work). [ Back to Top ] |
Answer | ||
What are templates? Templates are... [ Back to Top ] |
Answer | ||
How do I test NukeSentinel™ to make sure it is working properly? If you ban yourself, you just need to remove your IP address from the nuke_nsnst_ips table and, if appropriate, the .htaccess file. If you disable the .htaccess during your testing, that's one less thing you'll need to update after a successful test. [ Back to Top ] |
Answer | ||
How do I maintain my site's security using NukeSentinel™? Adding IP addresses, adding to lists, etc [ Back to Top ] |
Answer | ||
How can I support NukeSentinel™? [ Back to Top ] |
Answer | ||
How do I resolve common problems? Common problems... [ Back to Top ] |