Freeware reviews, comparisons, rankings FAQ (Frequently Asked Questions)



Category: Main ->

Question
·  What is NukeSentinel™?
·  Why Do I Need NukeSentinel™?
·  How do I install NukeSentinel™?
·  How do I configure NukeSentinel™?
·  Should I use .htaccess or the NukeSentinel™ database or both to block IP addresses?
·  What are templates?
·  How do I test NukeSentinel™ to make sure it is working properly?
·  How do I maintain my site's security using NukeSentinel™?
·  How can I support NukeSentinel™?
·  How do I resolve common problems?

Answer
·  What is NukeSentinel™?
NukeSentinel™ 2.0 is the premier security enhancement for websites using the PHP-Nuke content management system. NukeSentinel™ does this by validating all database requests made through standard PHP-Nuke methods (that is, through the mainfile.php functions).

NukeSentinel™ was written by:
  • Bob Marion, NukeScripts.net, official download site
  • Raven, RavenPHPScripts.com, official support site
  • Chatserv, NukeFixes.com
  • GanjaUK, GanjaUK.com, official download for PCKiller templates

    What NukeSentinel™ is NOT

    NukeSentinel™ will NOT prevent server-level attacks such as Denial of Service (DoS) attacks. It also will not prevent attacks on other applications or modules that do not use standard PHP-Nuke methods for accessing the database.
  • [ Back to Top ]

    ·  Why Do I Need NukeSentinel™?
    PHP-Nuke and PHP-based websites in general have been susceptible to various types of improper access and defacement via techniques like cross-site scripting (XSS), SQL injection, and others. The worldwide popularity, modular design, public access to all source code and database design, and multiple public support websites are both a blessing and a curse to the hundreds of thousands of web masters using PHP-Nuke-based websites.

    Unlike those of proprietary systems, PHP-Nuke's security flaws are available for all to see. These flaws are further exaggerated by similar issues with both PHP itself and the commonly used open-source database MySQL, which is used by the majority of PHP-Nuke websites. This volatile mix has given birth to a plethora of web “gangs” - teams of (usually young, attention-seeking) miscreants (often referred to as “script kiddies”) who use published attacks on PHP-Nuke web sites. Since the majority of these attacks are attempts to gain improper access to the PHP-Nuke database, NukeSentinel™ can provide a highly effective level of protection.
    [ Back to Top ]

    ·  How do I install NukeSentinel™?
    Follow the instructions in the README.txt file that is included in the distribution.

    In a nutshell:
  • Extract the files, including directories
  • Rename the javascript.tmp file to javascript.php in the /includes directory
  • Edit your mainfile.php and add *include("includes/sentinel.php");* just after the opening Upload/FTP everything in the /html directory
  • load the nsnst.php file in your browser (e.g. http://www.mydomain.com/nsnst.php)
  • select the appropriate installation option (e.g. new installation or upgrade from a previous release)
  • see the instructions for configuring NukeSentinel™
  • delete the nsnst.php and nsnib.php from the Nuke directory
  • [ Back to Top ]

    ·  How do I configure NukeSentinel™?
    From the installation script (nsnstp.php), click the Goto NukeSentinel™ Admin link. From the Admin page, select the NukeSentinel™ link.

    You will likely notice many red circles with a question mark inside (). You can click these for more information or explanations about the setting or link next to the circle.

    The NukeSentinel™ Administration menu is displayed on all NukeSentinel™ administration / configuration pages. It contains links to:
  • NukeSentinel™ Administration
  • NukeSentinel™ Configuration
  • Site Administration
  • Blocked IP Addresses
  • Add IP Address
  • Clear All IP addresses
  • Clear Expired Blocks
  • Protected Admins List
  • Admin HTTPAuth List
  • Scan for New Admins

    The NukeSentinel™ Administration is displayed. On this page, you can set:
  • Side Box Settings
  • Site Status
  • Proxy Blocker Status
  • Administrative Settings
  • List Page Settings

    Selecting NukeSentinel™ Configuration displays the configuration menu, where you can set options for the following blockers:
  • Admin
  • C-Like
  • Union
  • Filters
  • Harvester
  • Referer
  • Scripting
  • Request Method
  • String

    Each blocker has its own:
  • Activation Level (what to do when an attack is detected)
  • Setting to Write to .htaccess (if appropriate and set in the NukeSentinel™ Administration settings)
  • Forward To address/URL (if the activation level includes Forward)
  • IP Block Type (if the activation level includes Block)
  • Default Page (if the activation level includes Default)
  • Email IP Lookup (if available and the activation level includes Email)
  • Reason
  • Block Duration (if the activation level includes Block)

    The Activation Level can be to one or more of the following:
  • email the admin
  • block the IP in database and, optionally, .htaccess
  • forward the offending user to a default / template page
  • forward the offending user to a specified forward address / URL

    Some blockers require additional information. You must specify a list of harvesters, referers, request methods and strings to block attacks using these techniques. A default list is installed for harvesters and referers.

    It is important to understand that NukeSentinel™ will prevent improper access regardless of the blocker settings, with the exception of referers and harvesters. The blocker settings simply specify what, if anything, else NukeSentinel™ will do when an attempt to gain improper access occurs.
  • [ Back to Top ]

    ·  Should I use .htaccess or the NukeSentinel™ database or both to block IP addresses?
    Actually, the database is used by default. If your server runs Apache AND you choose to set the configuration such that your .htaccess path is defined AND you set the configuration for one or more blockers to use .htaccess, it will add blocked IPs to both your database and the .htaccess file.

    Since your server (again, assuming you have Apache) checks the .htaccess file BEFORE allowing access to your website, you can prevent access from specified IPs at the server level. If you do not block at the server level via .htaccess, NukeSentinel™ will look at the database to determine which will be blocked.

    If you have a high volume site, you might prefer to use the .htaccess since that method will require less effort than having PHP-Nuke via NukeSentinel™ check the database.

    One disadvantage of using the htaccess is that it adds another layer of complexity to what NukeSentinel™ does. If NukeSentinel™ doesn't correctly update the .htaccess file, it could cause server errors and prevent all access to your site. I experienced this when manually adding blocked IPs, but I simply edited the .htaccess file and removed the bad characters to correct.

    If you don't have a high volume site or you don't feel comfortable editing the .htaccess file (it's pretty straightforward, I think, and you most likely won't need to do so), I'd suggest just using the database (i.e. let NukeSentinel™ do the work).
    [ Back to Top ]

    ·  What are templates?
    Templates are...
    [ Back to Top ]

    ·  How do I test NukeSentinel™ to make sure it is working properly?


    If you ban yourself, you just need to remove your IP address from the nuke_nsnst_ips table and, if appropriate, the .htaccess file.

    If you disable the .htaccess during your testing, that's one less thing you'll need to update after a successful test.
    [ Back to Top ]

    ·  How do I maintain my site's security using NukeSentinel™?
    Adding IP addresses, adding to lists, etc
    [ Back to Top ]

    ·  How can I support NukeSentinel™?
  • Donate to NukeScripts.net, RavenPHPScripts.com, NukeFixes.com, and / or Ganjauk.com
  • Participate in the official support forms at RavenPHPScripts.com
  • [ Back to Top ]

    ·  How do I resolve common problems?
    Common problems...
    [ Back to Top ]