Support

Admin Tools

#13748 CloudFlare & Admin working together?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Wednesday, 10 October 2012 11:37 CDT

Tuesday, 09 October 2012 08:04 CDT

Chacapamac
Joomla! version: 1.5.26
PHP version: (unknown)
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: last 1.5 version (.10????)

Description of my issue:

I read everything about CloudFlare on your support pages...


1— Do you think I Should I use CloudFlare with AdminTools?

2— You said
The only pages which are never cached are the back-end pages. Therefore, the automatic IP blocking (as well as the Whitelist and Blacklist features) can not work reliably when behind a CDN. The good news is that CloudFlare performs some basic checks on its own, so it shouldn't let many suspicious requests reach your server after all.


a) Blocking CF to reach the Administration will fix that (Whitelist/Blacklist) problem?

you can use it with your front-end, BUT NOT YOUR BACK-END...


b) CloudFlare Page Rules seem to be the place to block their caching and protection. However I need to enter an URL pattern to indicate specific rule for that site section.
— Should I go with .... www.site/administrator or including the secret AdminTools parameters —>www.site/administrator?secretAdminkey
So far I enter with a wildcard (*) (authorize by CloudFlare) —> *mydomain.com/administrator* — What do you think

3— You Got Badbehavior rules for them, what should I do?

This is few days and I don’t see the site be cached by CloudFlare.... ?????

Tuesday, 09 October 2012 09:53 CDT

nicholas
1. I know that people do use it without a problem.

2.a. This was only worked around in the latest version of Admin Tools. Version 2.2.10 (the last version for Joomla! 1.5) is still affected. Sorry. Using CloudFlare will render all IP-related features, including automatic IP ban, impossible to use with Admin Tools 2.2.10.

2.b. Your method should work.

3. Disable them. Really. Bad Behaviour is an overkill. It's there mostly for historical reasons. IMHO it's not a good idea using that on Joomla!.

This is few days and I don’t see the site be cached by CloudFlare.... ?????

Not much I can help you with. Maybe you can ask them for support?

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 09 October 2012 10:50 CDT

Chacapamac
Thanks

CloudFlare is working now — I forget to put it On in my hosting CPANEL ------ Oups..... :)


• I install this Joomla Module (Made by CF) that are related with IP — I don’t know if it will have an effect on the blacklist/whitelist?????
CloudFlare has developed a plugin for Joomla. By using the CloudFlare Joomla Plugin, you receive correct IP Address information for visitors to your site.


Your text to link here...

• Do all security options of Admin Pro will be unusable.... and if it’s a big security problem?

• Should I transfer the whitelist/black list and other exception to the htaccess maker — I wonder if I will be able to see the correct IP in the Exception log ?

Thanks!
I’m just worry about the security here this is a big portal....


Tuesday, 09 October 2012 10:55 CDT

nicholas
CloudFlare has developed a plugin for Joomla. By using the CloudFlare Joomla Plugin, you receive correct IP Address information for visitors to your site.

Ah, awesome! They didn't use to have this. Please make sure that their plugin is published before the "System - Admin Tools" plugin, otherwise it won't work as designed.

• Do all security options of Admin Pro will be unusable.... and if it’s a big security problem?

If I understand this correctly, if CF's plugin is published our own then all security features of Admin Tools will work perfectly.

• Should I transfer the whitelist/black list and other exception to the htaccess maker — I wonder if I will be able to see the correct IP in the Exception log ?

No, you shouldn't. The IP your web server will see is the IP of CloudFlare, thus you can't use IPs in the .htaccess Maker. You should be able to, however, blacklist IPs in CloudFlare itself.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 10 October 2012 10:36 CDT

Chacapamac
The plugin is a Module ....

You just published to all menus.

I think Module load after plugin?

Wednesday, 10 October 2012 10:48 CDT

nicholas
Module? That is certainly not going to work. Unfortunately, not much I can help you with. I have a solution, it's implemented in Admin Tools 2.4.0 but it's only for Joomla! 2.5. I no longer support Joomla! 1.5 :(

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 10 October 2012 11:11 CDT

Chacapamac
Can I transform their module in a plugin

Wednesday, 10 October 2012 11:16 CDT

nicholas
Let me check the code... Ah! Actually, you can. If you outsource it to a cheap freelancing site or a cheap dev company in India or Russia it should cost about 10$ and be ready within the day or even faster.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 10 October 2012 11:36 CDT

Chacapamac
Done - I ask a friend

I will try do do it myself - just for fun......

Thanks a lot for your Help... Really appreciated.

Wednesday, 10 October 2012 11:37 CDT

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!