Support

Admin Tools

#20229 Admin Lockout

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Wednesday, 11 June 2014 05:54 CDT

user76427
i have noticed every time i log off the site and try and log back on i always get locked out or blocked. i can't understand what i have done wrong in order to be continued to being banned from my own site.

the security exceptions logs, etc are all cleared. i have attached some pics for you to see what i have done wrong

nicholas
Akeeba Staff
Manager
First go to Admin Tools, Web Application Firewall, Configure WAF. Make sure "Log security exceptions" is set to Yes; if it's not, set it to Yes and click on Save. Now try reproducing your issue. Immediately after that, please go to Admin Tools, Web Application Firewall, Security Exceptions Log. The latest log entry at the top should have the date and time of when the issue occurred. Please copy the Reason and Target URL here so that we can further help you.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user76427
thanks nick,

i did have the setting set to yes and these are the reasons.

1. http://www.thegreenbet.com/administrator/index.php?option=com_admintools&view=waf

2. http://www.thegreenbet.com/administrator/

3. http://www.thegreenbet.com/administrator/index.php

thanks to advance......

user76427
here is a jpg FYI

nicholas
Akeeba Staff
Manager
I need BOTH the Reason AND Target URL. You only gave me the target URL which doesn't tell me anything all by itself. You also didn't verify that the IP address you are seeing next to these entries is your own IP address. If it's not your own IP address then you weren't blocked by Admin Tools or the block wasn't logged. In the latter case you need to remove everything from the "Do not log these reasons" (look at your attachment, the field is fourth from the bottom there) and retry.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

user76427
sorry nick,

the reason is Admin Query String

i have checked the IP address and can confirm it mine.

so i add Admin Query String in the "do not log these reasons" would that be correct?

nicholas
Akeeba Staff
Manager
Yes, that prevents automatic blocking when you are triggering the admin query string. As to why it's being triggered, it seems that there's something strange going on with the session management on your site. Unfortunately it's one of those things which can't be fixed, so you'll have to make do with your workaround of not logging that security exception :(

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!