Support

Admin Tools

#14452 RSForm permissions

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Thursday, 20 December 2012 12:01 CST

DaveOzric

Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? yes
Have I searched the tickets before posting? yes
Have I read the documentation before posting (which pages?)? yes
Joomla! version: (2.5.7)
PHP version: (5.3.16)
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: (2.4.0)

Description of my issue:

Hello, I am using RSForm Pro to upload sensitive files. The site has ssl and I have the upload directory blocked from public access if someone figures out the url/folder path.

I get this error when trying to delete the submissions/files from within the extensions interface. I can delete them manually but is very confusing matching the submission to the files.

"/home/*****/public_html/l****/uploadfolder/filename.pdf" does not exist. The file could not be deleted.

I believe this is the reason RSForm throughs the error. The directory permissions are writable so that isn't the problem.

Can the extension be granted permission to delete the files and still block the directory from public acess.

Thank you

nicholas
Akeeba Staff
Manager

Can the extension be granted permission to delete the files and still block the directory from public acess.

These are two different things anyway.

In order for the extension to be able to upload files you either need to give the correct ownership & permissions to the folder or enable Joomla!'s FTP options in Global Configuration.

Blocking the directory from public access is as easy as uploading a .htaccess into that speicif directory with the following contents:

order deny, allow
deny from all
allow from none

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

DaveOzric

I am not having issues with the uploads, only the extension being able to delete the files that are already on the server.

If I go to the file folder url http://site.com/folder it is blocked access denied 404. So that is good.

I was not having the issue previously so I think it's the waf or .htacess. I see some exception options but am not sure what to add or if it's even possible to make this work.

nicholas
Akeeba Staff
Manager

I seriously doubt that Admin Tools has anything to do with this issue. It sounds as a folder permissions issue. File system permissions. Anyway, let's make sure that the problem is indeed caused by Admin Tools. In order to do so, try the following:

1. Try setting the Error Reporting level in your Global Configuration to "None". Many errors are caused by harmless PHP Notices and Warnings being output to the browser, breaking anything which requires HTTP header manipulation such as Joomla!'s session management, AJAX calls and download systems.

2. Try to replicate the issue after disabling the "System - Admin Tools" plugin. If you can still replicate the issue, it is not caused by Admin Tools. Disabling that plugin means that Admin Tools code (including the Web Application Firewall) is not running on your site.

3. If you suspect an issue with the .htaccess file, replace its contents with the contents of the stock htaccess.txt file shipped with every version of Joomla!. If you are on GoDaddy please wait for 1-30 minutes for the changes to be effective. Then, retry loading the problem page. If you can still reproduce the error, then it is not caused by .htaccess Maker.

If doing any of the above resulted in the issue still occurring, it's not related with Admin Tools and I can't help you. If doing any of the above did stop the issue from occurring, we'll have to do some troubleshooting.

First go to Admin Tools, Web Application Firewall, Configure WAF. Make sure "Log security exceptions" is set to Yes; if it's not, set it to Yes and click on Save. Now try reproducing your issue. Immediately after that, please go to Admin Tools, Web Application Firewall, Security Exceptions Log and go to the last page. The last log entry should have the date and time of when the issue occurred. Please copy the Reason and Target URL here so that I can help you.

If, however, you do not see a log entry, or the Date and/or IP address do not match your last access, this problem is not caused by Admin Tools' WAF. In this case, you will have to do some .htaccess troubleshooting. You may need to read the general .htaccess troubleshooting page, as well as the page on finding out necessary .htaccess exceptions.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

DaveOzric

Sorry to bother you. It seems to be a file naming issue. People were uploading files with characters that are causing the problem.

Thanks for your help.

nicholas
Akeeba Staff
Manager

No problem. That makes sense, actually – I have had that problem a few years ago with some forum software I shall not name :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!