Support

Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 2.5.14
PHP version: 5.3.26
MySQL version: 5.5.31
Host: Siteground
Admin Tools version: 2.5.6 and 2.5.8

Description of my issue:
After successful loging in my site backend I get the IP Blocked message (the one I defined in the WAF configuration) when I try to perform some actions:

• Trying to install any extension
• Trying to access WAF configuration
• Trying to clean site cache from Joomla! maintenance area

To avoid this I have to rename the pro.php file.

Weird thing is that thinking it might be an accumulation of incidences from my IP (I have a dynamic ip so I'm not sure who had it before) I have:

• Removed all the incidences of my IP from the Security Exceptions Log
• Checked the IP is not in the Auto-ban list or in the Black list.

Also if I check the security exceptions log after getting the message I can see no entry about that exception.

I have no clue about this problem and I think it might be related with hosting, but I also think it's weird not having a log entry about the exception.

Thank you very much.

Are you logging in with an Administrator or Super Administrator ID? Some parts of Admin Tools - like installing new extensions - require Super Administrator level access by default.

Dale

Hi Dale,
thank you very much for your reply.

I'm logged in as Super Administrator. Also that does not cover the issue with cleaning cache.

That was the only thing I could think of that you hadn't already looked at. I'll ask Nicholas to take a look at this.

No problem Dale, much appreciated your help ;)

I'm not in a rush with this I just want to be sure this is not a bug or an incompatibility we have not considered ;)

Best!!

Hi Nicholas,
thank you very much for your reply. As I wrote in my previous message the behavior was perfectly reproducible:

when I try to perform some actions:



Trying to install any extension

Trying to access WAF configuration

Trying to clean site cache from Joomla! maintenance area

And also as I stated:

Also if I check the security exceptions log after getting the message I can see no entry about that exception.

So I have not been able to find a reason for that weird behavior.

I say "was" because I have tried to reproduce the issue again and now everything is working as it should, so I guess there is no issue. I can only guess this:

Another possibility is that you have a misconfigured server which reports the same IP (typically that of a reverse proxy or a CDN in front of the site) instead of the real visitor's IP. In this case other users triggering the WAF in the front-end would result the –always the same for everyone– IP to be blocked very fast, leading to the issue you are reporting.

was the main reason as Siteground uses that SuperCacher thing but it was quite weird as it only happened with specific functions of the backend and not with each backend step I took and I got no log in the Security exceptions log.

I'll let you know if I can find more info or if it happens again.

Thank you very much for your clarifications and I'm sorry for not being able to provide more data.

Hi Nicholas,
sorry I thought I already mentioned that. There was only one IP in the automatic block, the reason was adminpw and it was not my IP. It was a USA IP and our server should be located in Europe.

PS: Shouldn't you be sleeping at this time? :P

This is the site IP info:

http://ip-lookup.net/index.php?ip=107.6.161.202

It looks to me like a Siteground IP so it seems your CDN guess is the most probable reason.

Thank you very much for helping me shedding some light on this.

Thank you very much for your help.