I finally got around to finishing all my sec updates. Installed Admin Secure and now I nor any of my site helpers can edit Content using html.
I have 6 plus pages that iI use html on for medals and such for a game we play online.
I have to turn Sentinel off to do this is there a way to disable Admin Secure just long enough for us to make these changes to these pages.
Also I notineced in the readme and other files that a email is supposed to be sent. I don't receive a email, and where can I access these other functions that are in Admin Secure.
I see that it says this but I don't see it anywhere in my admin section.
Add: Site Close/Open option in Administration Panel
- Add: Unapproved admin accounts deletion from Administration Panel
- Add: Confirmation Prompt (see configuration.txt)
- Add: Selectable Blocking page (either html page or server response codes)
- Add: SQL Injection deep scanning mode
- Add: Illegal HTML Tags deep scanning mode
- Add: Tracking System (see configuration.txt)
- Add: Maximum Site Visitors (see configuration.txt, thanks to John1000)
- Add: Send mail notification as MIME mail
- Add: Send mail notification using IMAP (if supported by server)
- Upd: Strengthen Admin Secure global variables
- Upd: Improve Admin Secure Administration Panel interface
I know its working I try hacking my own site and get a page saying that the action has been blocked so I am lost here now. TY for any help. Holla!!!
_________________ Knowledge is not gained by just learning, but by teaching those that do not understand. Learning is something we all do without knowing, while gaining knowledge to understand. Wisdom is reserved for others, not you. Understand?
Raptor1 Sergeant
Joined: Oct 06, 2003
Posts: 85
Location: Conway SC
Posted:
Fri Jul 09, 2004 10:33 pm
6 pack and a spliff allowed me to see what I didn't see before, I located my asnwer in the docs of Admin Secure.
Now to find out how I can deactivate things so that I can update using html so I wont get banned. Holla!!!
Any answers to this will help. TY Holla!!!
www.noobsinc.com
_________________ Knowledge is not gained by just learning, but by teaching those that do not understand. Learning is something we all do without knowing, while gaining knowledge to understand. Wisdom is reserved for others, not you. Understand?
madman Support Mod
Joined: Feb 15, 2004
Posts: 806
Posted:
Sat Jul 10, 2004 8:15 am
Raptor1 wrote:
I finally got around to finishing all my sec updates. Installed Admin Secure and now I nor any of my site helpers can edit Content using html.
Some HTML tags are forbidden by Admin Secure. HTML tags checker can be disabled from ase.php, under config page (Filter HTML Tags option).
Raptor1 wrote:
I see that it says this but I don't see it anywhere in my admin section.
You should run asec.php to access Admin Secure Administration Panel. Only God admins can access this file.
_________________ I'm
Raptor1 Sergeant
Joined: Oct 06, 2003
Posts: 85
Location: Conway SC
Posted:
Sat Jul 10, 2004 9:30 am
madman wrote:
Some HTML tags are forbidden by Admin Secure. HTML tags checker can be disabled from ase.php, under config page (Filter HTML Tags option)..
TY for the response. The 2nd part I got that figured out after going to the store for another 6 pack - sad when you got nuke on the brain on your way to get drunk.
Now for the 1st ? about html disabling.
How much of a security risk is this and exactly what do I edit in this file. I think I'll make a copy of it and replace with the edited one whn we need to update those pages. TY so much. Holla!!!
_________________ Knowledge is not gained by just learning, but by teaching those that do not understand. Learning is something we all do without knowing, while gaining knowledge to understand. Wisdom is reserved for others, not you. Understand?
madman Support Mod
Joined: Feb 15, 2004
Posts: 806
Posted:
Sun Jul 11, 2004 4:36 am
Raptor1 wrote:
Now for the 1st ? about html disabling.
How much of a security risk is this and exactly what do I edit in this file. I think I'll make a copy of it and replace with the edited one whn we need to update those pages. TY so much. Holla!!!
There some security issues when disabling html filter, such as site defacements (changing the appearances of your site) until admin auto creation through image tag.
You can disable most security features through "Filter Proofing" option in AS config menu. Set it as either "God Admin Only" or "Administrators", and you (as admin) can submit news for your site (either from Submit News module or Add Stories admin menu) using any html tags, except those restricted by PHP-Nuke itself.
You can read on /docs/filter.txt file shipped with AS compressed archive to lean filtering schemes provided in AS.
_________________ I'm
Raptor1 Sergeant
Joined: Oct 06, 2003
Posts: 85
Location: Conway SC
Posted:
Mon Jul 12, 2004 2:36 pm
1 last ? madman.
I am trying to get the asap link in my admin section but can get it to work for the life of me.
I renamed my asec.php to say thisfile.php ok
Do I rename the link.asec.php to say link.thisfile.php?
I am reading the tips file and can't seem to figure this one out.
I am God Admin but can't see it for the life of me.
TY. Holla!!!
_________________ Knowledge is not gained by just learning, but by teaching those that do not understand. Learning is something we all do without knowing, while gaining knowledge to understand. Wisdom is reserved for others, not you. Understand?
madman Support Mod
Joined: Feb 15, 2004
Posts: 806
Posted:
Mon Jul 12, 2004 2:50 pm
Raptor1 wrote:
I renamed my asec.php to say thisfile.php ok
Nope.
You should rename it to asap-something.php
For example, asap-thisfile.php would work.
Raptor1 wrote:
Do I rename the link.asec.php to say link.thisfile.php?
Yes you can. But why? It wouldn't make any differences.
Raptor1 wrote:
I am reading the tips file and can't seem to figure this one out. I am God Admin but can't see it for the life of me.
I hope you can now.
_________________ I'm
Raptor1 Sergeant
Joined: Oct 06, 2003
Posts: 85
Location: Conway SC
Posted:
Mon Jul 12, 2004 3:30 pm
TY bro got it working, the asap- was what I wasn't adding. to many beers need to cut back to a 12 pack a day.
Will you ever offer a block to display IP's with Admin Secure. Scrolling if possible.
I have had maybe 6 hits since installing a few days ago. I am a block freak and was just wondering if you will ever make one for it. TY.
BTW - Admin Secure Rocks - I like all the features of it. I have Admin tap, Fortress, Protector, Hack Attempt, Ravens Script, Admin Secure. Admin Tap may be removed, dang thing stops me from click on some things in the site. Kinda annoying at times. Holla!!!
_________________ Knowledge is not gained by just learning, but by teaching those that do not understand. Learning is something we all do without knowing, while gaining knowledge to understand. Wisdom is reserved for others, not you. Understand?
madman Support Mod
Joined: Feb 15, 2004
Posts: 806
Posted:
Mon Jul 12, 2004 4:15 pm
Raptor1 wrote:
TY bro got it working, the asap- was what I wasn't adding. to many beers need to cut back to a 12 pack a day.
You need to stop drinking beers too much. Drink whiskey some time.
Raptor1 wrote:
Will you ever offer a block to display IP's with Admin Secure. Scrolling if possible.
It's fun if your site's security are transparent to your visitors?
Exposing IP addresses isn't Admin Secure policy. But someone can create a block script for such purposes.
Raptor1 wrote:
BTW - Admin Secure Rocks - I like all the features of it. I have Admin tap, Fortress, Protector, Hack Attempt, Ravens Script, Admin Secure. Admin Tap may be removed, dang thing stops me from click on some things in the site. Kinda annoying at times. Holla!!!
Sounds like a security freak. Admin Tap now integrated to Portress.
Take care, keep secure, and drink whiskey some time.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
