::: Software developers like to solve problems. This online community is the perfect place for us to help each other ::: We really appreciate it when you take the time to login and look around. We spent a lot of time building this network and nothing makes us more happy than when our visitors truly enjoy their visit! ::: There is so much more here to see, it takes 30 seconds to register an account and we don't even verify with e-mail! Just register we promise you won't be sorry... ::: Your Monitor Resolution is ::: Please Login or Register
IPHub is an IP lookup website featuring Proxy/VPN detection. A free API is available, so you can perform fraud checks on online stores, detect malicious players on online games and much more! Click here to sign up for FREE today at ipHub ::: Country Music: The Soul Circus Cowboys ::: Sponsor: Brandon Maintenance Management, LLC Phone: 813-846-2865 ::: Sponsor: Big Country Radio - The EJ Morning Show :::
Portal Menu
(NukeSheriff)
Bob Marion's 86it Portal

New content ! Home


ECalendar
April 2021
S M T W Th F S
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
Honey Pot
Bots in the pot!
We have stopped [0] bots!
HeadShotDomain
Search

nuke SENTINEL™

You have been warned!

We have caught 109730 shameful hackers.

Installed On: October 23rd, 2000
Last upDate: April 7th, 2021

How injections are prevented by our NukeSentinel CMS portal addon.

About 17 years ago, full-featured « website/portals » as we called them, were all the craze. PHP-Nuke was something easy to install on the many free Web Hosting accounts that were available. It was the first CMS ever created and/or available and also came with lots of awesome features. But it had a price: It had unprofessional code, it was very unstable, and almost unmaintainable, and then last but not least it was horribly insecure. If you want to know why it has some of the security holes or problems that it had, you would have to take a look under the hood, maybe explore some of the old original source code, you would see right away why someone needed to organize re-write and clean up. During the time of its production and release SQL injection and a few other security risks were a big problem: Search Engine, Contact Form, Forged Cookies, you name it. It was almost impossible to maintain so some folks got togethor and added a security layer, covering every security case you could imagine. Thus the birth of NukeSentinel...

CURRENT FEATURES:
  1. Improved Scripting Attack filters.
  2. Repaired a couple of missing tags in admin pages.
  3. Updated Blocks for titles and compliance.
  4. Moved "Country List" link to the main menu.
  5. 100% W3C XHTML 1.0 Transitional Compliant.
  6. The administrator can define the ability to have blocked users either: a) be forwarded to a page (or) b) be forwarded to an admin-defined URL.
  7. Enhanced Administration Functions.
  8. Writes information to Apache's .htaccess file (for increased security on blocking).
  9. Cleaned up coding and variables.
10. Can now remove blocked ip's from Apache's .htaccess file while removing them from the DB.
11. Can alter blocked ip's in Apache's .htaccess file while altering them in the DB.
12. Improved paging system in the Administration area.
13. Added Remote IP and User-Agent to the "blocked" page display.
14. Added CLIKE protection with an on/off switch.
15. Added UNION protection with an on/off switch.
16. Added Harvester protection with an on/off switch.
17. Added AUTHORS table protection with on/off switch.
18. Improved speed relating to blocked ip checking.
19. Added Page Sorting options for blocked ip pages.
20. Added PC Killer option.
21. Repaired PC Killer loop problem.
22. Added "Last 10 Blocked IPs" block.
23. Reconfigured the nsnst_config table.
24. Repaired language file loading.
25. Updated the lang-english.php file.
26. Updated blockers to allow email only, block and email, and off.
27. Repaired "Edit Blocked IP" routine.
28. Repaired NukeSentinel(tm) Configuration.
29. Now clears user sessions from both Nuke as well as Forums tables.
30. Added a new block that shows IP lookups to the public as well as to admins.
31. Added "blocker type" specific responses.
32. Added the ability for block settings to now show ip lookup link and reason.
33. Enabled Multiple email addresses for notifications. (may need work).
34. Will match db stored IP addresses of xxx.*.*.* as global blocks.
35. When blocking IP's it will use .* as the global range.
36. Enabled Blocker-specific information to be written to Apache's .htaccess file(if your server supports it).
37. Enabled Blocker specific forwarding.
38. Enabled "Protected Admins" functions (Can only be set up by the "God" level Administrator)
39. Enabled "HTTP Auth" function (If your server has PHP compiled as an Apache Module, but not if your server has PHP compiled in CGI Mode).
40. Enabled "Proxy Blocker" capabilities with on/off switch.
41. Enabled DOS (Denial Of Service) Attack Protection.
42. Enabled Mouse-over & Mouse-clicks Options in Help System.
43. Enabled Mouse-clicks for Info System.
44. Corrected problem with sites pulling your backend.php news feed.
45. Reordered blockers for better trapping of attacks.
46. Corrected a bad case for IP2C Searching.
47. Corrected the is_god function. Around line 801 you can allow superusers in but as default, it requires God status.
48. Corrected the blockers error of an empty set.
49. Corrected a missing HELP define.
50. Added Santy Worm protection (Thanks to NSN France)
51. Added check box so you can return to the Add IP/Range screens faster
52. Recoded includes/nukesentinel.php to load and run faster.
53. Rebuilt the Search function to search all IP areas at once and display the results.
54. Added test switch for HTTPAuth and register_globals. Helps prevent admins being locked out of admin.php.
55. Added switch for Santy Worm protection.
56. NEW import system for adding IP 2 Country data and importing Blocked Ranges.
57. Created master globals in includes/nukesentinel.php for easier and faster processing.
58. You can use the new master global by adding to your global lines throughout PHP-Nuke.
59. Adapted for 7.7 WYSIWYG editor. (Thanks to WD-40)
60. Enclosed table and field names with ` marks on SQL queries.
61. Improved the Add IP 2 Country Range failure report page.
62. includes/nukesentinel.php checks for the var and sets it if it isn't set.
63. Added Country Listing page in IP 2 Country management. Now you can easily find the c2c codes.
64. Changed the IP Tracking from a max number of lines to a max number of days.
65. Added the gfx=gfx_little clause to prevent being tracked and wasting DB space.
66. Removed unused code and language defines.
67. Corrected a Search Results error.
68. Re-ordered the lang file to prevent Undefined error.
69. ChatServ updates to replace == "" to empty() in many locations.
70. Updated Edit Instructions (Includes updates by ChatServ for Patched 3.1).
71. Moved import directory out of the admin directory structure so it can be deleted after importing data easier.
72. Added routines to check the range database table for overlaps.
73. Updated import data (ip2country data from the NukeScripts site).
74. NEW Flood Protection on GET and POST requests. (Thanks to Manuel)
75. Added global for SERVER_ADDR as $nsnst_const['server_ip']. Can be useful in
       other scripts to check if the request comes from your server or from a client.

75. Added global for SERVER_ADDR as $nsnst_const['server_ip']. Can be useful in
       other scripts to check if the request comes from your server or from a client.

PHP-Nuke's Original features

The Original Features that were in PHP-Nuke all the way up until release v8.2.4

PHP-Nuke is a content management system allowing webmasters to create community-based portals (websites), allowing users and editors to post news items (user-submitted news items are selected by editors) or other types of articles. Registered users can then comment on these articles.

Modules could be added to the PHP-Nuke system allowing additional features such as an Internet forum, Calendar, News Feed, FAQs, Private Messaging, and others. The site was maintained through an administration interface much like 99% of the CMS solutions out there.

PHP-Nuke included the following PHP support and modules:

PHP ⇒ 4 & 5 Support 

⇒ Advertising ⇒ Manages ads on the page layout (theme). Supports images/links, JavaScript/HTML, and Flash

Avantgo ⇒ Provides mobile versions of the last 10 news articles

Content ⇒ Manages the main content "pages"

Downloads ⇒ Manage file downloads. There are no uploads—it stores links to files on other servers

Encyclopedia ⇒ Manages phrases/words and definitions

FAQ Manages ⇒ Frequently Asked Questions (FAQ)

Feedback ⇒ Communicate to the webmaster. It is an online form but provides feedback via email.

Forums ⇒ Manage discussion forums for the site. It is based on bb2nuke, which is a PHP-Nuke port of the popular open-source phpBB discussion board.

Journal ⇒ Maintain public and/or private notes

Members List ⇒ Displays site members

News ⇒ Manages news stories, including future-dated news to be released at a specific date and time. Each article can be assigned to a single category.

Private Messages ⇒ Allows members to send private messages to others on the site. Members can prevent messages from other members.

Recommend Us ⇒ Send an email message recommending the site to others.

Search ⇒ Allows users to search your site.

Statistics ⇒ Displays summary and detailed site statistics, including page views. 

Stories ⇒ (News) Archives Provides access to older news articles.

Submit News Stories ⇒ Allow visitors to submit news. Email notifications were sent to the website owner, but the submission was stored in the administrator control panel.

Surveys ⇒ (Polls) Create visitor surveys.

Top ⇒ Displays the most-visited articles, downloads, etc.

Topics ⇒ Displays news by topic. The administrator defines the topics and assigns topics to content.

Web Links ⇒ Manages a hierarchical directory of links to selected websites

Your Account ⇒ Manages member "profiles" information, including their preferred theme, the number of news articles to display on their home page, etc.

⇒  Security Holes ⇒ Lots of holes were discovered in PHP-Nuke, including SQL injection via unchecked PHP code. The birth of NukeSentinal was a result. 

Search Engin Problems ⇒ PHP-Nuke had issues with some search engine indexes. PHP-Nuke did not use simple URLs or unique titles for pages.

 

Yours Truly,

Nuke Sheriff


Posted by NukeSheriff on Wed Apr 07, 2021 6:01 pm
( comments? PHP-Nuke | Features | Score: 5 ) ( Reads: 67 )
Forums
Topic Forum Last Post
Welcome to NukeScripts.Net we are running PHP-Nuke Titanium
Started by TheGhost
NukeScripts.Net 0 Replies
69 Views
Jul 13th 2009 2:22 pm
by TheGhost
User Info
Good morning 
Anonymous



 Register
 Lost Password
Username
Password
Login to our facebook app

Online Stats
 Member(s)0
 Guest(s)1
 Total1
Online
Guest(s)
01. Guest

Select Theme


Information

Powered by PHP-Nuke

Valid HTML 4.01!

Valid CSS!