#10233 Ajax search module trigger my IP to be ban

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Latest post by nicholas on Friday, 20 January 2012 11:49 CST

Chacapamac
Joomla 1.5.25

Admin Tools Professional 2.1.14
Description of my issue:

Sometimes an ajax search module triggers an error and my IP becomes blocked

The block reason is Template

Chacapamac
Oh yes, I forgot: when I get blocked, the "You are a spammer" message is a white page with a bunch of numbers/letters/signs
500 Wrapper

Chacapamac
I just discovered that a params.ini wasn't uploaded in the 1.5.25 upgrade in the administrator Khepri

nicholas
Akeeba Staff
Manager
If the reason is "Template", the documentation has described the workaround for 3+ months ;) You have to enable the "Allow site templates" option in the WAF config page.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Chacapamac
Cool - What about the bunch of characters on the error page - Something wrong with Admin?

nicholas
Akeeba Staff
Manager
Without a screenshot I have no idea what you're talking about, therefore can't guess what these are. Maybe you have GZip compression turned on and it screwed up the text on the page?

Chacapamac
The problem was a font open on my computer (Mac) - I get the nice spammer, hacker text... Can't wait to be able to customize that message.

The error that makes Admin Tools lock me out is when you try to make a search (I reinstalled Pixsearch):
a is null
[Break On This Error] function Hb(a){var b=a.parentNode;(!b||b.nodeType!=1)&&(b=null);return b}


The local site works without those errors...

even with Allow site templates at Yes.
Latest Block Reason: Template

I don't think Akeeba extensions are the problem.

Site is: http://www.fermesvalens.com

Chacapamac
I just uninstalled Admin and Akeeba - no more errors

I will try to repeat the error and reinstall them one by one

I tested many times, reloaded, no more error. ????

Chacapamac
Just reinstalled com_akeeba-3.3.11-core
No problems

Chacapamac
Just reinstalled Admin (without any change to settings) = No errors

Chacapamac
Reapplied the settings in Admin, Configure WAF
Same error -

Chacapamac
It seems that it doesn't let me input the text in the Ajax search

When I type the text in the input box the error appears and locks me out - Definitely an Admin setting - I'm going back in and taking out all template stuff to see

Chacapamac
I found something. The Security Exception Log says:

My IP - Reason = template= in URL

And the target URL is:

http://www.fermesvalens.com/index.php?tmpl=component&template=rhuk_milkyway&option=com_search&view=search&ordering=newest

rhuk_milkyway ??????

Chacapamac
Rhuk is the fallback template in includes->application.php

// Fallback template
if (!file_exists(JPATH_THEMES.DS.$template.DS.'index.php')) {
	$template = 'rhuk_milkyway';
}

Chacapamac
Pixsearch creates cache files with
Sz='index.php?tmpl=component&template=rhuk_milkyway&option=com_search&view=search&ordering=newest'
and creates an error only when Adminpro is installed on the site

nicholas
Akeeba Staff
Manager
Are you done? Now, can you please read my post and follow my instructions instead of improvising? Recap:
Go to Admin Tools, Web Application Firewall, Configure WAF
Find the "Allow site templates"
Set to Yes
Click on Save

If this doesn't work, back to the same page, set "Block template=foo site template switch" to No, click on Save.

And, please, DO READ the documentation. FYI it's here: https://www.akeebabackup.com/documentation/admin-tools-docs/web-application-firewall.html#waf-configure When you finally read it you'll realize why this thread is redundant and why I insist that before posting you MUST read the documentation. I know what I've written in there ;)

Chacapamac
To run those trials without being blocked by Admin, I turned everything off in Visual Fingerprinting.

Some of these cache files seem necessary for this search module. I tried to change all instances of rhuk in them to my template name and even changed the fallback template to my template, and always the same errors and the search is not working at all.

If I put back the original cache files (the ones delivered with the Pixsearch installer) with rhuk and no Visual Fingerprinting:

No error, search working....

This combination:
Block tp=1 module debugging - Yes
Block tmpl=foo system template switch - Yes
Block template=foo site template switch - No
Allow site templates - Yes

Seems to work - What are the risks?


Can I use Exceptions for that module and keep Visual Fingerprinting on ?
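To make the settings combination above concrete, here is an added Python model (not Admin Tools' own code) of the four WAF rules applied to the URL recorded in the Security Exceptions Log; the setting names, the installed-template set and the tolerated tmpl values are assumptions.

```python
from urllib.parse import urlparse, parse_qs

# Constructed inputs: the target URL from the ticket's Security Exceptions Log
# (generated by the Pixsearch cache file) and an assumed set of installed
# site templates in which rhuk_milkyway, the Joomla 1.5 fallback, is absent.
LOGGED_URL = ("http://www.fermesvalens.com/index.php?tmpl=component"
              "&template=rhuk_milkyway&option=com_search&view=search&ordering=newest")
SITE_TEMPLATES = {"my_template"}   # assumed: rhuk_milkyway not installed
ALLOWED_TMPL = {"component"}       # assumed: tmpl values this model tolerates

# The two settings combinations from the thread; key names are this model's own.
STRICT = {"block_tp": True, "block_tmpl": True, "block_template": True,
          "allow_site_templates": True}
WORKING = dict(STRICT, block_template=False)   # the combination that worked


def check_request(url, settings, site_templates):
    """Return (blocked, reason). Rules are applied in order: tp=1 module
    debugging, tmpl=foo system template switch, template=foo site template
    switch, with 'allow site templates' exempting installed template names."""
    qs = parse_qs(urlparse(url).query)
    if settings["block_tp"] and "1" in qs.get("tp", []):
        return True, "tp"
    if settings["block_tmpl"]:
        for value in qs.get("tmpl", []):
            if value not in ALLOWED_TMPL:
                return True, "tmpl"
    for value in qs.get("template", []):
        if settings["allow_site_templates"] and value in site_templates:
            continue   # names a real site template: let it through
        if settings["block_template"]:
            return True, "template"   # the reason the log showed
    return False, None


if __name__ == "__main__":
    print(check_request(LOGGED_URL, STRICT, SITE_TEMPLATES))   # (True, 'template')
    print(check_request(LOGGED_URL, WORKING, SITE_TEMPLATES))  # (False, None)
    # With rhuk_milkyway actually installed, "allow site templates" alone suffices.
    print(check_request(LOGGED_URL, STRICT, SITE_TEMPLATES | {"rhuk_milkyway"}))
```

The third call shows why the "Allow site templates" advice works only when the template named in the URL is really installed on the site.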

nicholas
Akeeba Staff
Manager
All of the settings under Visual Fingerprinting can be safely turned off. They are paranoid-mode options. And, yeah, you may probably be able to use exceptions for com_search, but I advise AGAINST it. When you activate an exception, no protection measures run for that component! This means that even SQLiShield, an essential feature to protect com_search, is disabled. I'd rather disable all Visual Fingerprinting options globally than have to disable SQLiShield even for one component.

Chacapamac
Sorry for the babbling - I like to try everything possible before putting down some security guard...

nicholas
Akeeba Staff
Manager
Just try to post a single reply after you're done with your experimentations :) When your posts were pouring in, I was driving. Notifications for new posts come by email to my cellphone. As you understand, it was like hell in my car with my phone ringing all the time while driving (ergo, not able to see WTF it's constantly ringing). When that happens, I usually assume the worst, that something on my site is terribly broken and I have to HURRY back to my computer, driving like a madman.

Please don't subject me to that. One post to sum it all up is MUCH less stressful to yours truly and MUCH easier to read. And I bet that you want me in one piece so that I can answer your posts ;)

Chacapamac
Nicholas, I'm so sorry, I feel awful... I didn't know.
I feel like a kid that just got caught with his hand in the cookie jar.
Will not do that again, I promise :)

I have 2 technical help forums myself, not connected to my phone, but I imagine receiving those emails one after the other....

Good Day and drive safely

nicholas
Akeeba Staff
Manager
No problem! It's the first time this has happened to me. I will make sure I turn off email alert when driving. I guess that driving safely is ultimately more important than getting anxious about the site – even if it's a real site emergency and the site is completely down :)
