#17683 Server IP is getting blacklisted

Posted in ‘Admin Tools for Joomla! 4 & 5’

Latest post by on Saturday, 23 November 2013 18:00 CST

in2computing
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? ticket 13407
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 3.04
PHP version: 5.3.10
MySQL version: 5.5.28-29.1
Host: TSO Host (cloud hosting)
Admin Tools version: 3.04

Description of my issue:
When a visitor visits my website (www.in2computing.com), the server's IP is being logged and not the visitor's public IP. When a hacker tries to hack into my website, the server's IP gets blacklisted and the website is blocked for everyone, as the request is sent from the same IP.

I contacted the hosting provider and they are asking me to use HTTP_X_FORWARDED_FOR. When I read ticket 13407, you mentioned that this problem has been fixed.

But I have another website (www.barnetpcservices.com) with the same host using Joomla 2.5.14 and Admin Tools 2.5.8. When I checked the exception log, it shows the correct public IPs.

Please let me know if you need any further information.

Any help would be much appreciated.

Regards
Yogi
www.in2computing.com

nicholas
Akeeba Staff
Manager
Your Joomla! version family (3.0) is no longer supported. Please upgrade to Joomla! 3.1.

I suspect that the Admin Tools version you are using has a known bug which was fixed later on. Unfortunately, as you are using an unsupported version of Admin Tools on an unsupported version of Joomla! we cannot offer you any other alternative than to ask you to upgrade your site and Admin Tools.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

in2computing
Hello Nicholas

Thanks for your reply.

I have updated the Joomla to 3.1.5 and AdminTools to 2.5.8 but the problem still exists.
Regards
Yogi
www.in2computing.com

nicholas
Akeeba Staff
Manager
Are you using a reverse proxy (e.g. Vagrant or NginX in reverse proxy mode) or a CDN in front of your site? It seems that you do but it doesn't forward the real user's IP through the X-Forwarded-For HTTP header. In such a case Apache has no idea what the real IP of the visitor is and reports a specific* IP to PHP. Admin Tools reads what PHP reports (which is what Apache reported) and acts upon it.

* "Specific IP" can either be the server's own IP when you're using a reverse proxy or one of the CDN's IPs when using a CDN.


in2computing
Hello Nicholas

I don't use any reverse proxy myself but I am not sure about the hosting provider (TSO Host). It's a shared cloud hosting account. This problem doesn't exist with my other website www.barnetpcservices.com (Joomla 2.5.14 and Admin Tools 2.5.8) and this website is hosted with the same provider and same cloud hosting account.
Regards
Yogi
www.in2computing.com

nicholas
Akeeba Staff
Manager
I can tell you how Admin Tools determines the visitor's IP. It first checks with PHP if there is an X-Forwarded-For HTTP header. If it does, it is used. Otherwise we use the REMOTE_ADDR server environment variable as reported by PHP. PHP gets both of these pieces of information from Apache.

What I want to explain is that there is no bug in Admin Tools, assuming that you are using Admin Tools 2.5.8 (if not, please upgrade immediately). It all comes down to what Apache is reporting. We can't help with that; only your host can. I would suggest talking to your host about it.


in2computing
I have Admin Tools and Joomla up to date.

Consulted with the host and they are saying that this could happen only for the websites with SSL.

That explains why barnetpcservices.com works fine and in2computing.com doesn't.

I will post the solution here when I solve this problem.

Thanks for your help and insight on this issue Nicholas.
Regards
Yogi
www.in2computing.com

in2computing
Hello Nicholas,

I received the reply below from my hosting provider:

"Normally this would be an option in the back-end - as long as Akeeba have made provision for sites behind load balancers, you should be OK to set this in there. Otherwise, it would be a case of manually editing the code."

Could you please point me in the right direction on which file and what code should be entered manually?
Regards
Yogi
www.in2computing.com

nicholas
Akeeba Staff
Manager
There is nothing to enter. As I explained, Admin Tools first checks with PHP if there is an X-Forwarded-For HTTP header. If it does, it is used. Otherwise we use the REMOTE_ADDR server environment variable as reported by PHP. PHP gets both of these pieces of information from Apache.

As long as your server is correctly set up this is transparent to you. If, however, your server does not set the X-Forwarded-For HTTP header or sets a different header you are screwed. If your server sets the X-Forwarded-For HTTP header to the wrong IP address, you are screwed too. So, my questions to your host are:
- Do they set an HTTP header with the real IP address?
- If they do, what is this HTTP header?
- If they don't, what is their recommended method for PHP scripts to retrieve the real visitor's IP address?


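The lookup order described in the replies above (X-Forwarded-For first, otherwise REMOTE_ADDR), written out as an added example; this is not Admin Tools code and not part of the original ticket. It goes one step beyond the ticket by honouring the header only when the direct peer is a known proxy; the function name, the `10.0.0.5` load balancer address and the sample requests are assumptions made for illustration.

```php
<?php
// Added example, not Admin Tools code. All addresses below are constructed.

/**
 * Resolve the visitor IP from the two values PHP receives from the web server.
 * X-Forwarded-For is honoured only when the direct peer (REMOTE_ADDR) is a
 * proxy or load balancer we know about; any client can send the header itself.
 */
function resolveVisitorIp(array $server, array $trustedProxies): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    $xff  = $server['HTTP_X_FORWARDED_FOR'] ?? '';

    // No header, or the header came from a peer that is not our proxy.
    if ($xff === '' || !in_array($peer, $trustedProxies, true)) {
        return $peer;
    }

    // The header is a comma-separated chain: client, proxy1, proxy2, ...
    // Walk it right to left and stop at the first hop that is not ours.
    $hops = array_reverse(array_map('trim', explode(',', $xff)));
    foreach ($hops as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break; // malformed entry: fall back to the peer address
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }

    return $peer;
}

$trusted = ['10.0.0.5']; // hypothetical load balancer address (assumption)

// Constructed requests. The third one is the situation in this ticket:
// the balancer forwards no header, so every visitor shares its address.
$cases = [
    'direct visitor'               => ['REMOTE_ADDR' => '203.0.113.7'],
    'balancer, header forwarded'   => ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '203.0.113.7'],
    'balancer, header missing'     => ['REMOTE_ADDR' => '10.0.0.5'],
    'header from an unknown peer'  => ['REMOTE_ADDR' => '198.51.100.9', 'HTTP_X_FORWARDED_FOR' => '10.0.0.5'],
];

foreach ($cases as $label => $server) {
    printf("%-30s %s\n", $label, resolveVisitorIp($server, $trusted));
}
```
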
in2computing
Hello Nicholas

I have asked my host to answer your questions and am still waiting for some answers.

I also have Piwik under the same domain and that seems to be working fine (showing correct visitor's IP). If that is the case, do you think the problem still could be with the server?
Regards
Yogi
www.in2computing.com

nicholas
Akeeba Staff
Manager
Assuming that you are using Admin Tools 2.5.8, yes, that's the issue. If you are using an older version of Admin Tools then no, the problem is that you're using an older version of Admin Tools. Throughout this ticket I was operating under the assumption that your Admin Tools installation is up to date. Remember, you gave me a non-existent Admin Tools version number in your first post so I had to assume instead of knowing.

