Support

Admin Tools

#11244 403 - Access Denied when using joomla search component

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 24 February 2012 11:17 CST

Friday, 24 February 2012 08:59 CST

user44967
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: (1.5.25)
PHP version: (5.2.10)
MySQL version: (5.0.77)
Host: (Linux)
Admin Tools version: (2.2.0)

Description of my issue:

When I use Joomla Search Component to search my site, I got the following error:
"403 - Access Denied".
If I change the plugins/system/admintools/main.php to main-disable.php, then the search component works.

I tried to use javascript console in Chrome to check which module is blocked, but doesn't help too much. It just showed index.php 403 forbidden and /templates/system/csserror.css

Friday, 24 February 2012 09:07 CST

nicholas
Extensions, Admin Tools, Web Application Firewall, Configure WAF, enable "Allow site templates", Save and you're ready to go. Please refer to the documentation for more information.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 24 February 2012 09:26 CST

user44967
Hi, Thanks for your quick response.
I followed your instruction "Components, Admin Tools, Web Application Firewall, Configure WAF, enable "Allow site templates", but the problem remains. Any ideas?

Friday, 24 February 2012 09:46 CST

nicholas
Sure, but I will need to know the URL to your site so that I can try the search component and see what happens :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 24 February 2012 10:00 CST

user44967
www dot yixuan-qin dot info

Friday, 24 February 2012 10:10 CST

nicholas
You have to go to Extensions, Admin Tools, Web Application Firewall, Configure WAF and disable the CSRFShield checkbox.

If this doesn't help, please go to Extensions, Admin Tools, Web Application Firewall, Security Exceptions Log and look at the topmost line in the list. What does it read under the Reason column?

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 24 February 2012 10:22 CST

user44967
I disabled CSRFShield. But the same problem remains.
I checked Security Exceptions Log, but it doesn't log anything about this. The topmost entry was 20 days ago.

Friday, 24 February 2012 10:27 CST

nicholas
What you are describing can't really happen. If renaming main.php allows the search component to work, Admin Tools is blocking the request. When Admin Tools is blocking the request it logs the reason of the block. If you do not see a record in the log, it wasn't Admin Tools blocking the request, in which case renaming main.php wouldn't have any effect. Are you sure that "Log security exceptions" in Configure WAF is enabled? If not, please enable it, try searching for something (so that you trigger the block again), then go back to the security exceptions log and tell me what the reason mentioned there reads.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 24 February 2012 10:49 CST

user44967
I found some problems, here are what I did:
1. "Log security exceptions" in Configure WAF is enabled? Yes
2. Tried another test to see if it's got logged, say, try administrator link without secrete word. Here is no new entry in the security log.
3. I noticed there are 142 pages (20 entries per page) in the log accumulated.
4. I delete one page, then all the new logs show up, not only today's. So I guess there is a limitation in terms of how many pages it can display in security log, since apparently everything is logged, but not displayed.
5. Then back to your original question, the logged reason is that "Bad behaviour", when the mouse moves over, it displays "POST more than two days after GET"

Friday, 24 February 2012 10:59 CST

nicholas
There is no limitation in the number of pages displayed. The footer (with the page links) and the whole pagination thing is handled by Joomla! itself. I've seen lists with 350 pages and it's perfectly possible to navigate to any page. Yes, Joomla! only shows links to the 10 pages before/after the current one, but that's how Google and other major sites do it too.

Now that we have the reason, we know what's wrong. Either your PC's or your server's date and time is way off. If you can't fix the date/time on your PC or server, just disable the Bad Behaviour integration option in the Configure WAF page.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 24 February 2012 11:08 CST

user44967
Hi, thanks for your help. I checked the time both on my PC and server, it seems fine. So I restart the httpd on the server, now the time lag has been eliminated.

Friday, 24 February 2012 11:17 CST

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!