Support

Admin Tools

#16888 Site IP Blacklist

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 30 July 2013 15:05 CDT

user77304
1. I have install the admin tool recently and I have added an ip address as backlist as I was getting junk email from that ip address but still I am getting email from the the same ip address.

2. How can I test the auto ip blocking administration is working
do you have any testcase to run and resale after that

nicholas
Akeeba Staff
Manager
Admin Tools runs inside your Joomla! site, not your mail server. Adding an IP to Admin Tools' blacklist will prevent that user from accessing your Joomla site. It will not prevent him from sending you emails, trying to connect to FTP, do a prt scan or anything else that does not go through Joomla.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user77304
thank for your reply. but my question is when I have black listed this IP address, how can they go to my
contact us page to send a junk email?

nicholas
Akeeba Staff
Manager
There are multiple reasons I can think off:

- The blacklist feature must be enabled in the Configure WAF page. It is not sufficient to simply add an IP address to the blacklist. This is by design. The blacklist feature requires one more database query on every page load which makes no sense running unless you actually want to use this feature. Therefore this feature is disabled by default. Please refer to the WAF configuration documentation for more information.

- Make sure the IP address is entered correctly. IPv4 addresses follow the format 1.2.3.4 which is a number 0-255, followed by a dot, followed by a number 0-255, followed by a dot, followed by a number 0-255, followed by a dot, followed by a number 0-255. No spaces or other characters are allowed. You must make sure you are using a dot and not a comma (I've done that typo myself, it's hard to spot!). Also check that you have not left a space, newline or dot after the end of the IP address.

- Make sure you are indeed receiving spam from the same IP, not the just same e-mail or name. It is possible that a spammer will use the same e-mail address or name but a different IP address. The default Joomla! contact component does not record the IP address anywhere, so I have to wonder where do you see the IP address. Do note that the email header contains the IP address of your site's mail server, not the IP address of the user who sent the message. Blacklisting that IP makes no sense.

- The blacklist feature will only work when a request is routed through Joomla! itself. We have seen many third party components –including contact and generic form components– which implement their own entry point as a separate PHP file. Since that file is called directly and does not load Joomla! plugins, Admin Tools' plugin is not loaded. As a result Admin Tools is not running and, of course, its blacklisting feature won't work if it's not running.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user77304
Thank for your email

I am useing joomla module ChronoForms where they have feature you can get the ip number of the sender.
Regarding Configure WAF just want to double check
Is "Disallow site access to IPs in Blacklist" should be yes
Need to know what WAF Exceptions is for?



nicholas
Akeeba Staff
Manager
> I am useing joomla module ChronoForms where they have feature you can get the ip number of the sender.

Make sure the IP you get is not the IP of your server or a CDN / reverse proxy you have in front of the site. In the latter case Admin Tools will "see" the correct IP of the remote client, unlike your forms component and will (correctly) not block the request.

> Is "Disallow site access to IPs in Blacklist" should be yes

Yes

> Need to know what WAF Exceptions is for?

No, it's irrelevant to what we're discussing here and can't have an effect.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user77304
Thanks for your email
One more question to ask no sure it is relevant or irrelevant :)
How can I make sure Auto IP blocking is working or not? do you have any testcase for that?

nicholas
Akeeba Staff
Manager
There is an easy way to test it. Use a phone connected to the 3G network (not your WiFi) to try to raise a security exception repeatedly. The simplest way to do that is enabling the administrator secret URL parameter on your site and trying accessing the /administrator URL of your site without this parameter repeatedly. Once you reach the number of security exceptions in the time frame you have defined you will get your phone's IP blocked and see the IP block message (configurable).

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!