Support

Admin Tools

#22312 URL Parameter does not work

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 20 March 2015 11:22 CDT

mrp58
Like many others i figured out, that the custom admin directory is not longer supported. So i want to use the URL Parameter instead.

But it doesn't work. The Admin-Login-Screen is still available.

We have many many automated attempts to view the admin login. Why do you have removed this lovely feature?

Thanks

nicholas
Akeeba Staff
Manager
The URL parameter does work. I am saying this having used it more than ten times just today and just on this site. Please note that the URL parameters should best only contain lowercase letters a-z and numbers 0-9. Other characters may not work on some servers, depending on the way URLs are encoded by the server software before being made available to PHP. Question marks, ampersands and equal signs have special meaning in URLs and will definitely not work in the secret URL parameter.

As to why the custom admin directory was removed, it has to do with the way a lot of shared servers handled it. If we fixed this feature on those servers it stopped working on the majority of properly configured servers. If we made the feature to work on the majority of properly configured servers it didn't work on the affected shared servers. This has resulted in a constant stream of support requests which are unresolvable and a major point of friction between us and our clients. The only decent thing we could do was remove the feature which cannot be made to work with the vast majority of servers. We have a rule: if it cannot be made to work on over 95% of the servers used by our clients we don't include it. Besides, it didn't offer actual security. Using the administrator password protection and Joomla! 3's two factor authentication (a feature we contributed to the Joomla! project after having it for over two years built in Admin Tools Professional) is a far better solution.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

mrp58
Hello,

i only use lowecase letters. Did i forgott anything? I type the word in the field and save the configuration. Then i log out and try to get acces to /administrator without any Parameter. I get access to the login screen and are able to login. I think i have to been redirect to startpage.

nicholas
Akeeba Staff
Manager
If your IP address is in the Whitelist (and you have activated the IP Whitelist feature) or in the "Neve block these IP addresses" then no security check is performed for any requests coming from these IP addresses. This means that you are exempt from the secret URL parameter too. Try accessing /administrator from a different computer, tablet or mobile phone connected to a different Internet connection, e.g. a tablet over 3G/4G. You'll see what I mean.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!