Support

Admin Tools

#14317 Attacks via proxy

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Saturday, 08 December 2012 15:28 CST

Saturday, 08 December 2012 03:30 CST

joombler

Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? No
Have I searched the tickets before posting? No
Have I read the documentation before posting (which pages?)? No
Joomla! version: (unknown)
PHP version: (unknown)
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: (unknown)

Description of my issue:

I lately get these messages; look like these persons are accessing thry a proxy:

Hello,
We would like to notify you that a security exception was detected on your site, with the following details:
IP Address: 213.46.204.89 (IP Lookup: http://ip-lookup.net/index.php?ip=213.46.204.89)
Reason: Spammer (via HTTP:BL)

I have added the BL domein in my ip blacklist, but still get these messages.
Do I miss something here? How can I prevent people try to access thru HTTP:BL?

thanks,
Jmblr


Artificial intelligence is no match for natural ignorance...

Saturday, 08 December 2012 09:32 CST

nicholas

Hello Jos,

Admin Tools simply informs you that it blocked an attack thanks to the information it got from Project Honeypot's HTTP:BL blacklist. You don't have to do anything. If you don't want Admin Tools to email you when a security exception (=blocked attack) is taking place please blank out the respective email address field in Admin Tools, Web Application Firewall, Configure WAF.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Saturday, 08 December 2012 12:46 CST

joombler

Ok, I understand. The more informative email the better.

With the iirf.txt (ISS) it is even better to get informed because I can now run a script that also adds the abuser's ip address in that text file.

Artificial intelligence is no match for natural ignorance...

Saturday, 08 December 2012 15:28 CST

nicholas

Very good :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!