3 of 4 people found this review helpful

This modules is amazing. It helps keep the hackers out of my website by stopping them in their tracks!

When someone tries to hack your site, you are emailed what their actions are, and they are consequently banned!! (Owned in the face!)

This is the most useful and helpful module on my website. I feel secure and safe. My website is truly protected.

To ward off those malicious evil-doers, this module comes with blocks displaying its presence.

It is included with the RavenNuke distribution package, but is also easily downloaded and installed from the Nuke Sentinel's distribution site.

In all future websites, this module will always be included.

~VirtualWar

0 of 1 people found this review helpful

I would definitely never ever run a nuke site without Nuke Sentinel being installed.

4 of 4 people found this review helpful

NukeSentinel is the premier site security management addon for PHP-Nuke-based sites. Its primary function is to prevent most types of attacks, including cross-site scripting, SQL injection, flood, harvesters, and even bad referers. When an attack is detected, it can block the attackers IP, redirect, display a blocked message (which can be customized), and / or simply notify the webmaster. It can also block proxies and most DOS and Santy Worm attacks. If necessary, NukeSentinel can use the included IP2Country data to block entire countries or suspected fake IP addresses.

In addition, NukeSentinel can track users, force a single URL (which can help search engine rankings), and allow webmasters to disable their sites for maintenance.

Developed by Bob Marion of NukeScripts.net, Raven of RavenPHPScripts.com, and Chatserve of NukeFixes.com (with assistance from many others in the Nuke community), NukeSentinel has been successfully protecting PHP-Nuke websites for over 4 years - with frequent updates to address new challenges are they happen. The rare successful attack has almost always been attributed to the lack of admin authentication (NukeSentinel supports this on some servers, and assists in the setup on others) or a roque application that allows access to attacks by bypassing NukeSentinel.

With all this (and popup help, too!), could NukeSentinel get better? Yes! As attackers leverage spoofing tools more and more, setting NukeSentinel to block IP addresses can result in legitimate IPs like the IP for GoogleBot getting blocked. This can have a significant negative impact on your search engine rankings. And, as the valid IP addresses changes frequently, keeping the IP2Country database is time-consuming (not to mention hungry for disk space!). These issues could both be addressed simply by changing default settings from block to redirect and from checking for invalid IP address to bypassing this check. Using a web service to provide IP details could significantly reduce the space required for IP2Country, as well as the need for frequent updates.

On the whole, most experienced Nuke webmasters wouldn't run a Nuke site without NukeSentinel. That's probably why most distributions (Nuke Evolution, Nuke Platinum, RavenNuke, FutureNuke, DadaNuke, BonusNuke, etc.) include it pre-installed with the core software. Those of you who used Nuke prior to 2005, probably donate to NukeScripts.com on a frequent basis. If not, you should...