Ravens PHP Scripts: Forums
 

 

Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Xiode
Regular



Joined: Jun 15, 2005
Posts: 78
Location: AR

Posted: Sat Oct 08, 2005 2:33 pm

For some reason the regular users on my site are getting banned for putting code into their posts. The reason says scripting but they are using [ code ].... Any ideas?

Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

Posted: Sun Oct 09, 2005 12:02 am

Using bbcodes will not stop that. NukeSentinel is set to catch the same tags that are in your mainfile.php file. As is required here and most any site that uses NukeSentinel, you have to break up those tags, like <scr~ipt>, etc. What I do is just warn and don't actually ban.
 
felosi
New Member



Joined: Oct 09, 2005
Posts: 7

Posted: Sun Oct 09, 2005 3:36 am

My sentinel is banning people for clicking on the scrolling downloads block and download details, which the block links to the details of course. I see it usually bans on big names or names like "Filename (MUST HAVE)". I was thinking about turning off the scripting blocker as I don't see how a patched site can be susceptible to scripting anyway and it's caused me a few problems with some users. But better safe than sorry I guess.
 
Raven







Posted: Sun Oct 09, 2005 11:01 am

Here again, this is well documented in these forums. () is so often used for XSS scripting attacks. You need to change all () to [].
 
felosi







Posted: Sun Oct 09, 2005 12:13 pm

I had figured out it was the (). I always try to search before asking questions or posting so I apologize for not noticing that had been discussed before.
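
The two false positives discussed in this thread, as an added illustration that is not part of the original posts and is not NukeSentinel or PHP-Nuke source code. The tag list, the GET-only parenthesis rule and the function names are assumptions made for the example; the sample inputs are constructed.

```php
<?php
// Added illustration; NOT NukeSentinel or PHP-Nuke source code.
// Assumed rule set: these tag names and the parenthesis rule stand in for
// "the same tags that are in your mainfile.php" and the "()" rule in the thread.
const ASSUMED_TAGS = ['script', 'object', 'iframe', 'applet', 'style', 'form'];

/** Return the name of the first rule a raw request value trips, or null. */
function scripting_rule_hit(string $raw, bool $isGet): ?string
{
    foreach (ASSUMED_TAGS as $tag) {
        // Runs on raw input, before any bbcode rendering, so [code] is just text.
        if (preg_match('/<[^>]*' . $tag . '[^>]*>/i', $raw)) {
            return "tag:$tag";
        }
    }
    // Assumed GET-only rule: a parenthesised group in a query-string value.
    if ($isGet && preg_match('/\([^)]*\)/', $raw)) {
        return 'parens';
    }
    return null;
}

/** "Warn, don't ban": a false positive costs a message, not an account. */
function handle(string $raw, bool $isGet, bool $banOnHit = false): string
{
    $hit = scripting_rule_hit($raw, $isGet);
    if ($hit === null) {
        return 'allow';
    }
    return ($banOnHit ? 'ban' : 'warn') . " ($hit)";
}

// Constructed sample inputs mirroring the cases in the thread.
$samples = [
    ['[code]<script>alert(1)</script>[/code]', false],   // forum post body
    ['[code]<scr~ipt>alert(1)</scr~ipt>[/code]', false], // tag broken up
    ['Filename (MUST HAVE)', true],                      // download title in URL
    ['Filename [MUST HAVE]', true],                      // () changed to []
];
foreach ($samples as [$value, $isGet]) {
    printf("%-45s => %s\n", $value, handle($value, $isGet));
}
```

The first and third samples trip a rule even though neither is an attack, which is why the thread's workarounds are to break up the tag, rename () to [], or set the blocker to warn rather than ban.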
 
All times are GMT - 6 Hours
 