Support

Admin Tools

#23928 user cant opload file to the site

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by user63034 on Wednesday, 16 December 2015 11:07 CST

Wednesday, 16 December 2015 01:15 CST

user63034
 hi,

i need to alloud my user to upload files links and so to the site, admin tool block it and i try to find something about it at the documentation, but i didnt find.
i need to know what to do, i read about the waf but the explanation there are for skilled security persons.

so i need your help about that. just tell me what to disabled
the message that i get is that admin tools block it
BR
Amit

Wednesday, 16 December 2015 01:49 CST

nicholas
Components, Admin Tools, Web Application Firewall, Configure WAF. Click on Active Request Filtering. Find "Uploads scanner (UploadShield)" and set it to No. Click on Save & Close.

Please note that if you still have an issue uploading files then it's not coming from Admin Tools. Joomla! 3.4.1 and later also includes uploads filtering and has it always enabled, without a switch to disable it. Developers have been given instructions to modify their extensions to allow uploads of files that would trigger the protection. If you are using a component which doesn't allow your users to upload certain files please contact its developer and ask them for a version updated for Joomla! 3.4. The change is trivial.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 16 December 2015 10:10 CST

user63034
ok,
i tryied a few option and the problem is with the "cross Site Scripting block (XSSShield)"
when its enabled a user cant upload a thing, when it disabled he can.
i tried with the Uploads scanner (UploadShield) its doesnt metter when its enabled or disabled the user can upload.

so now i am without XSSShield is it a problem?

BR
Amit

Wednesday, 16 December 2015 11:01 CST

nicholas
Actually the XSSShield option is one we recommend people to not enable. In all honesty, this protection throws too many false positives to be practical. I will be removing it in a future version of Admin Tools altogether.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 16 December 2015 11:07 CST

user63034
thanks

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!