Support

Admin Tools

#14530 HttpBL plugin - Project Honeypot

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Thursday, 03 January 2013 07:44 CST

Thursday, 03 January 2013 05:06 CST

anandmahey

Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? No
Have I searched the tickets before posting? No
Have I read the documentation before posting (which pages?)? No
Joomla! version: (unknown)
PHP version: (unknown)
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: (unknown)

Description of my issue:

Hi Nicholas, was just wondering if the HttpBL plugin from project honeypot will conflict with the Admin Tools httpBL option? I installed the plugin sometime back, and discovered the option in Admin Tools just today.

Thursday, 03 January 2013 05:39 CST

nicholas

If you enable both you are wasting server resources. Enable only one of them. There is no conflict, there is only the question of performance.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 03 January 2013 05:46 CST

anandmahey

Hi Nicholas, thank you for your prompt reply.

I was wondering about the Purge Sessions. I believe its not supposed to log me out as well? I just tried it, the pop said it will log out all sessions, except me, but it logged me out as well.

Another question, I actually used the IP Blacklist to blacklist someone in real time, while the guy was trying to access my admin area. I get emails everytime someone tries to log in, and saw an unrecognised IP address. I added the whole IP range xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx (the "dash" without any space) but the same IP address kept reaching the Joomla Admin Login area in 2 mins, 3 mins, 5 mins after i added the range. I then proceeded to Block Geographically (Ukraine). However, I'd like to avoid Geographic blocking.

Does the IP Blacklist take time to kick in? Also, I had some IP addresses in the IP Deny Manager (Cpanel) which are not there anymore (I've saved them just in case). Does the IP Blacklist Overwrite and Override the IP Deny Manager?

Thursday, 03 January 2013 06:12 CST

nicholas

I was wondering about the Purge Sessions. I believe its not supposed to log me out as well? I just tried it, the pop said it will log out all sessions, except me, but it logged me out as well.

There were some changes in Joomla! 2.5 (IIRC, 2.5.7) which now cause everyone to be logged out when you purge sessions, including you.

Another question, I actually used the IP Blacklist to blacklist someone in real time, while the guy was trying to access my admin area. I get emails everytime someone tries to log in, and saw an unrecognised IP address. I added the whole IP range xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx (the "dash" without any space) but the same IP address kept reaching the Joomla Admin Login area in 2 mins, 3 mins, 5 mins after i added the range. I then proceeded to Block Geographically (Ukraine). However, I'd like to avoid Geographic blocking.

Have you enabled the blacklisting feature in the Configure WAF page? It's turned off by default. Most users don't use it and it was causing one more db query when it was turned on by default.

Also, I had some IP addresses in the IP Deny Manager (Cpanel) which are not there anymore (I've saved them just in case). Does the IP Blacklist Overwrite and Override the IP Deny Manager?

cPanel saves them in your .htaccess file. You are apparently using the .htaccess Maker which, of course, overwrites the .htaccess file, therefore removing those entries.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 03 January 2013 06:41 CST

anandmahey

Oh Thank you!

Last question (I hope for awhile), do i need to create and save .htaccess everytime there are changes made to, for example, the Blacklist or when changes are made under Configure WAF? Or are the changes automatically added to .htaccess?

Thank you for being so patient, and again, wonderful job with Admin Tools :)

 

Thursday, 03 January 2013 06:58 CST

nicholas

Web Application Firewall. .htaccess Maker. These are two different things :) WAF doesn't use the .htaccess Maker. You only need to update the .htaccess when you make changes in the .htaccess Maker page.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 03 January 2013 07:12 CST

anandmahey

Thank you for being patient Nicholas :)

Thursday, 03 January 2013 07:44 CST

nicholas

You're welcome :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!