Support

 Hello. I'm having an issue with getting a cronjob to run through successfully. It's a wget based cron and it was working just fine until about a week ago. The only changes I know I made at that time to my site was an update to Admin Tools, an update to an extension called Freestyle, and an update to an extension called Cobalt; I'm checking with all three developers to cover my bases, as the two crons I'm having issues with happen to be for Freestyle and Cobalt. The two problem crons both generate email notifications to users, and then also notify the admin when the emails have been sent. Emails to users are not being generated and the admin is receiving an email regarding the error.

Here is a sample of one of the email error messages the admin is receiving (I removed the IP address): http://www.degarrin.net/index.php?option=com_cobalt&task=cron.sendAlert&secret=SECRETWORD Resolving www.degarrin.net... IP ADDRESS Connecting to www.degarrin.net|IP ADDRESS|:80... connected. HTTP request sent, awaiting response... 403 Your IP address has been blocked from this site. Please contact Degarrin for assistance.

I have other crons with different setups that are working just fine, so it has to be something to do with this setup, but I have researched until I'm ready to tear out my hair and can't figure it out. Does anyone have suggestions? I can provide access to the site if need be.

Thank You
Angela

Angela,

If you look at your Admin Tools Security Exceptions Log, does it give you any information about the error?

No, it's not appearing as an exception under the log.

If you have used .htaccess Maker, replace your .htaccess file with Joomla!'s standard file. Does the error still occur? (That is a diagnostic step, not a cure.)

Yes, the error does still occur.

thank you
Angela

One more thing to check: Please disable the System - Admin Tools plugin. That will completely disable Admin Tools. If the error still happens, it isn't caused by Admin Tools.

Alright, I'll try that. In the meantime, I got a response from my hosting provider. I'm going to reply back to them as well, because I do get the error even when I switched out my htaccess with the default Joomla one and even with their fix below, but here is what they said:

I found the cause in the .htaccess file in your public_html directory. There were several rules added by a Joomla security plugin:



### Security Enhanced & Highly Optimized .htaccess File for Joomla!

### automatically generated by Admin Tools 3.4.4 on 2015-03-14 13:34:16 GMT



At least one of these rules is preventing access from wget. I quickly disabled all rules by commenting this line:



#deny from env=stayout



If you want to keep using the plugin without hassling through each rule, I would recommend to simply use the curl executable instead of wget to run the cron jobs. The syntax is very similar. Please see here:



http://curl.haxx.se/docs/manpage.html

Curl, btw, although it is not on my list of blocked user agents either, gives me the same issue and the same basic error message, although it's layout is different; pulling a text version of a whole page from my site with the error message I have in AdminTools for blocked IPs.

They are correct. wget is in the blocked user agents list in .htaccess Maker. You can remove it from the list and regenerate your .htaccess file to solve that issue.

But wget would not be blocked by the default Joomla! .htaccess file, so I don't think we've gotten to the bottom of the problem yet.

Okay, the crons are running when I disable Admin Tools, whether I leave them as wget or convert them over to curl as recommended by my host. So, what's the best step to take now? I haven't modified any of the options in a long time, so it's not really a matter of switching back something I recently changed. Start disabling options one at a time in the WAF to see what makes a difference?

Thank You!
Angela

So it is something coming from Admin Tools that does not hit the security log. Are you using any GeoIP blocks? Are you blocking countries or regions? That would fit the bill.

No, I'm not using any GeoIP blocks, not blocking any countries or regions. Some of the other items I've tried, one at a time, since my last post (grasping at straws here) without any luck:

• disabled the Akeeba GeoIP provider plugin
  changed MUAShield WAF->Active Request Filtering from Yes to No
  changed RFIShield WAF->Active Request Filtering from Yes to No
  changed DFIShield WAF->Active Request Filtering from Yes to No

Thanks
Angela

Under Web Application Firewall, WAF Configuration, on the Logging and Reporting tab, "Log security exceptions" should be set to "yes" and "Do not log these reasons" should include only "Geo Block".

I can't figure out why Admin Tools isn't telling us why it is blocking the request.

"Log security exceptions = Yes" and "Do not log these reasons = Geo Block" were already at these settings. I don't know what it could be either and I really need to get it figured out, although I appreciate all that you've suggested so far. If you want to see all the settings at once, I can provide access.

Thank You
Angela

Angela,

I got a note from Nicholas this morning:

Ask her to add a WAF Exception for option com_cobalt, empty view, task cron.sendAlert, empty query parameter. Remind her that in order to create an exception she needs to click on the green New button in the toolbar

Let's see if that beats it into submission.

Nope, setting a WAF exception does not affect it. Turning off the plugin is still the only thing that works :(

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.