Support

Admin Tools

#19755 Keep getting blocked from my site. Reason: admin password

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Sunday, 18 May 2014 18:00 CDT

perthcity
 I keep getting blocked out from my site even though my IP address is in the white list. The reason is admin password.

I am not sure what is happening.

Thank you.

perthcity
It seems like it is always happening when the URLs below is visited.

admin query string

/administrator/index.php?option=com_virtuemart&view=product&task=edit&virtuemart_product_id=1030&product_parent_id=0

admin query string
/administrator/index.php?option=com_virtuemart&view=product&task=edit&virtuemart_product_id[]=672

Virtuemart URL system maybe?

dlb
The reason and the URL don't seem to match. Since you have your IP whitelisted, let's try something else. Go to the Security Log, search for your IP address and delete all the entries. That may solve the problem. If not, please let me know.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

perthcity
What has this got to do with security logs?

I dont understand

I have already cleared the IP from Auto IP Blocking Administration

I have also cleared the security log as per your suggestion.

dlb
Your IP is blocked based on the count of exceptions in the Security Log. Even if you clear the Auto-block, you will get blocked again if you don't clear the log. The whitelist keeps you from going in the log, but once you're in, those records count for auto-block.

Did that solve the problem?


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

perthcity
Hmmmmm :)

Thanks for that.

I didnt know that. It makes sense now.

Cool :D

Thanks for making it clear.

Is it possible to leave this ticket as it is now? Because I need to see if clearing the security logs fixed the issue or not?

dlb
Sure, the ticket will auto close after two weeks (?) if there is no activity on it.

Yes, at this point we don't know if we solved the problem or just hid it. Let me know.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

perthcity
Well I have another super admin who needs to access the site.

It is happening at their end.

I dont have any issue on my side.

So I need to wait for his reply.

Thank you.

perthcity
Hi there,

It is happening again :(

IP Address Latest block reason Blocked until Search CleaDisplay #
adminpw 2015-04-18 00:56:41

nicholas
Akeeba Staff
Manager
We will need you to paste us the Target URL as well. From the looks of it, the user session expires (which means that the administrator is logged out) but the user interface of a back-end component (most likely Virtuemart) which is still open in the browser is trying to perform an AJAX request without checking what it gets in return. Normally, components using AJAX requests are supposed to check the return values to prevent making subsequent requests to the back-end if the user session has expired. But since we are talking about Virtuemart and its extremely questionable development practices I think it's VERY likely that it doesn't check anything at all, causing this issue. In this case the only thing you can do is disable the administrator URL query parameter protection in Admin Tools, knowing that you are degrading your site's security to cater for a badly written component.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!