Support

Admin Tools

#12476 locked out of site by WAF

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 01 June 2012 04:28 CDT

user58181
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Chapter 2 Using Admin Tools
Joomla! version: 2.54
PHP version: 5.3
MySQL version: 5.5.22-cll
Host: (optional, but it helps us help you)
Admin Tools version: 2.2.0

Description of my issue: Activated WAF. Since then locked out.
-> site file manager ...-> plugins/system/admintools/admintools
renamed main.php to main-disable.php
Still unable to access

nicholas
Akeeba Staff
Manager
Let's try something else. Delete the plugins/system/admintools directory. This will remove the code files of the plugin, so the plugin is not even loaded. If the problem persists, it's not related to the plugin. In that case I want you to explain what "locked out" means. Do you get a blank page? A specific error message? The more descriptive you are the better I will understand what is going on and the better I will be able to help you.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user58181
Thank you Nicholas.

Message is "unable to connect to LDAP server" (see attached image)

Deleted admin tools directory as you suggested but still unable to log in using usual user name and password. It was my understanding from documentation that WAF still allowed login with usual ID and password after activation

Problem occurred on first attempted login after activating WAF. No other changes made to site at that time

I also have RS Firewall! component lockdown enabled and have been using this for some time without any problems. Is it possible there is a conflict between this and WAF?

nicholas
Akeeba Staff
Manager
Nope, this is an unrelated error. You have enabled Joomla!'s LDAP user authentication plugin. This is what is throwing the error, not Admin Tools.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user58181
Thank you Nicholas

I will pursue other strategies in solving the problem

nicholas
Akeeba Staff
Manager
You're welcome, Ian! Normally you can just disable that plugin from the plugins manager. If you can't log in to your site, you can always rename the plugins/authentication/ldap directory to ldap.bak and Joomla! won't be able to find that plugin anymore, therefore skip it and not load it.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user58181
Thank you again Nicholas

I have already disabled LDAP but continue to be unable to log in. Not accepting valid user name on login, message = Failed to authenticate. Access denied. There is a thread on Joomla forum about this sequence of lockouts and I am awaiting a reply there.

Thank you for your interest

nicholas
Akeeba Staff
Manager
Let's make sure that the problem is indeed caused by Admin Tools. In order to do so, try the following:

1. Try setting the Error Reporting level in your Global Configuration to "None". Many errors are caused by harmless PHP Notices and Warnings being output to the browser, breaking anything which requires HTTP header manipulation such as Joomla!'s session management, AJAX calls and download systems.

2. Try to replicate the issue after disabling the "System - Admin Tools" plugin. If you can still replicate the issue, it is not caused by Admin Tools. Disabling that plugin means that Admin Tools code (including the Web Application Firewall) is not running on your site.

3. If you suspect an issue with the .htaccess file, replace its contents with the contents of the stock htaccess.txt file shipped with every version of Joomla!. If you are on GoDaddy please wait for 1-30 minutes for the changes to be effective. Then, retry loading the problem page. If you can still reproduce the error, then it is not caused by .htaccess Maker.

If doing any of the above resulted in the issue still occurring, it's not related with Admin Tools and I can't help you. If doing any of the above did stop the issue from occurring, we'll have to do some troubleshooting.

First go to Admin Tools, Web Application Firewall, Configure WAF. Make sure "Log security exceptions" is set to Yes; if it's not, set it to Yes and click on Save. Now try reproducing your issue. Immediately after that, please go to Admin Tools, Web Application Firewall, Security Exceptions Log and go to the last page. The last log entry should have the date and time of when the issue occurred. Please copy the Reason and Target URL here so that I can help you.

If, however, you do not see a log entry, or the Date and/or IP address do not match your last access, this problem is not caused by Admin Tools' WAF. In this case, you will have to do some .htaccess troubleshooting. You may need to read the general .htaccess troubleshooting page, as well as the page on finding out necessary .htaccess exceptions.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user58181
Thank you once again Nicholas

I have now solved the problem. I accessed my Joomla user table and found that my user name and email address had a Joomla table prefix added (the prefix was not my Joomla table prefix)and the field "block" was set to "1". I deleted the prefixes, set block to "0" and generated a hash for a new password and entered this in the table and now I can access my backend!

Your continued and rapid responses to my problem (even though it seems that it was unrelated to WAF) were very much appreciated

Ian

nicholas
Akeeba Staff
Manager
Hi Ian,

Hm, in retrospect I think I was trying to solve the wrong problem. Your inability to login must have happened right after using Admin Tools' Super Administrator ID feature and a subsequent accidental deactivation of the regular user account. For more information read the documentation of that feature and this page: https://www.akeebabackup.com/documentation/troubleshooter/atsaid.html

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!