Support

Admin Tools

#23229 Beginner questions about Alpha version with quick wizard

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by dlb on Monday, 07 September 2015 13:35 CDT

Monday, 07 September 2015 13:04 CDT

user72925
 Hi, Ive got 3 questions:

1. I've been getting a lot of emails with the subject « security exception on x website »

All from different IP
All Login failure
All same Username : « Mabledats »
All different Passwords (same passwords for 2 last days though : BKklU05c )

I contacted Nicholas and he said to not worry and that I should contact support so that they could tell me how to make the emails stop. Can you help me out?

Also, can I block this guy by his username since he tries different IP?

2.When I connect, I get the message that I've tryed to connect but, the system doesnt know what country I'm from. I live In Canada so pretty well known region of the world:) I've installed the geo plugin and I have enabled it. Is it not functionning correctly because I'm using the alpha version of Admin tools with the quick wizard?

3. I've enabled the secret URL parameter for all installs but I still can connect to ex : super-site.ca/administrator. The way I understand it, say the secret parameter is 1234567, then I could only connect to the backend by going to ex : super-site.ca/administrator/1234567. Why isnt this working?

Thank you very much for your kind help , have a great day!

Jonathan

Monday, 07 September 2015 13:35 CDT

dlb
Hi Jonathan,
  1. To stop the emails, go to Web Application Firewall, Configure WAF, on the Logging and Reporting tab, you can delete the email address under Email this address on security exceptions. That will stop the emails. No, you can't block him/her by user name. They are an annoyance, not a danger.
  2. The GeoIP database is created and maintained by MaxMind, a third party developer. Your own IP address is not in their database, so Admin Tools can't figure out where you are located. You are seeing first hand the limitation of GeoIP blocking.
  3. There are a couple of possibilities here. When you log in to the back end with the secret parameter, a cookie is set with the "He knows the secret" flag set to yes. You can log out and log back in (without closing the browser) and it uses the cookie on the second log in, so the parameter is not required. The other possibility is that your IP address is in the Administrator White List. That is like a "Get out of jail free" card, Admin Tools will pretty much allow you to do anything. Try the login from your phone or tablet (not on WiFi so you have a different IP) and see if you can do it without the secret parameter.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!