Browser doesn't send the HTTP_REFERER

Nuke Cadet Joined: Feb 07, 2006 Posts: 8

Some users getting an error when trying to access site. Not sure if its related directly to PHPNuke, but from what I've seen from searching around, it could be one of my blocks or modules.

The error the users are getting is:

Quote:

Warning: your browser doesn't send the HTTP_REFERER header to the website. This can be caused due to your browser, using a proxy server or your firewall. Please change browser or turn off the use of a proxy
or turn off the 'Deny servers to trace web browsing' in your firewall
and you shouldn't have problems when sending a POST on this website.

Any help is appreciated.

Baz

P.S. The quote function works so nicely on these boards, any idea why they aren't working on mine?

Site Admin Joined: Aug 17, 2003 Posts: 12482

See: http://www.nukefixes.com/ftopict-1812.html

Are you using the latest Patched files? What forums version are you using?

Nuke Cadet Joined: Feb 07, 2006 Posts: 8

I am using Patched 3.1 files as of a few weeks ago. Forums are at 2.0.19

Site Admin Joined: Aug 17, 2003 Posts: 12482

Off the top, looks like a problem with 2.0.19 - seems you've been having forums problems all-around

Nuke Cadet Joined: Feb 07, 2006 Posts: 8

Thanks. Thats what I get for wanting to port all the posts and users from phpBB to Nuke.

Nuke Cadet Joined: Mar 10, 2006 Posts: 2

I am getting this error for a few of my people as well, the common factor so far is all are using IE and are running on a wireless network from a PC that is NOT the primary. Often this means the primary PC is running a security program (yeah right security program lmao) that is blocking the sending of the referer. If this is happening on a small time basis for only a few of your friends/members/whatever and you are feeling generous enough to spend time on an individual basis to work this out the following information may be useful to you.

Some Internet Security applications such as Norton Internet Security (NIS) block HTTP_REFERER by default during installation. You may unblock HTTP_REFERER blocking by following the appropriate instructions below. If you are using a security application not listed below, please consult its documentation for instructions for unblocking HTTP_REFERER.

Norton Personal Firewall

Open Norton Internet Security.
Click Options.
Click Internet Security (Personal Firewall).
Click Advanced Options.
Click on the Web tab.
Click Add Site.
In the new site dialog, enter the URL of the site that you want to receive the referrer information and click OK.
Click the name of the new site, which appears in the left frame of the Advanced Options window.
Click the Privacy tab.
Check the "Use these rules for..." box.
Change the Referrer from "Block" to "Allow."
Click Apply, and then click OK.
Click OK to close the Options window.

McAfee Privacy Service
Right-click the red "M" icon by your system clock.
Click "Privacy Service."
Click "Options."
The McAfee Privacy Service window appears. Click the "Cookies" tab.
Enter each website address from which you would like to allow cookies.
Click "Add."
Once completed, close the window.

Zone Alarm Pro
Open Zone Alarm Pro by double clicking on its icon in the system tray.
Click on "Privacy."
Slide the "Cookie Control to Off."

Nuke Cadet Joined: Mar 10, 2006 Posts: 2

oh also to note deleting

Code:

// Posting from other servers in not allowed
// Fix by Quake
// Bug found by PeNdEjO
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_SERVER['HTTP_REFERER'])) {
if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
die('Posting from another server not allowed!');
}
} else {
die($posttags);
}
}

will open you up to the very real possibility of spam attacks as most spammers will not be sending a referer and are ususaly running behind proxies.