#23995 Getting bounced while navigating backend

Posted in ‘Admin Tools for Joomla! 4 & 5’

Latest post by on Thursday, 28 January 2016 17:20 CST

conticreative
I have just updated Joomla in 4 websites I manage, including the site at calsolarresearch.ca.gov (also same site as calsolarresearch.org).

While I was able to login in the backend as normal, after clicking around I received this message:

"Sorry, you have tried to login too many times without the correct username and password"
Which is what I have in "Show this message to blocked IPs" in the firewall configuration.

Regardless, after I see this message I am unable to navigate the backend anymore. So I went to the server and I renamed main.php and after that I was able to login and use the backend again.
I then entered my current IP address in the white list after deleting it from the "auto IP blocking administration" black list. I reactivated main.php renaming it back to the default.

Yet, after navigating the backend again (without going anywhere near any Akeeba extensions) I got the same message again.
I once again renamed "main.php" to gain access and I looked around a bit more to see what could be creating this issue.

The only thing I found out of place was the "Enable IP workarounds" in the firewall settings which was set to "yes" while akeeba suggested having it set to "no".

I saved the settings, deleted my IP again from "auto IP blocking administration" renamed main.php back to its functioning state, but I am now wondering why I got banned when my IP was clearly already in the white list. I thought once an IP is in the whitelist it could not get banned again.

It is easy enough for me to deactivate akeeba tools and get around this, but it worries me a bit.

After resetting "Enable IP workarounds" to "no" I haven't been kicked out again, yet. The previous times it took a while before I got kicked out and all I was doing was navigating here and there to make sure the site was OK and checking on a few things. Nothing that should have gotten me banned, especially since I was already in the site.

If the culprit is "Enable IP workarounds" set to "Yes" then I can sleep better. But since I don't know that for sure I decided to set up this ticket and ask you.

Thank you.

dlb
In order to completely unblock yourself, you need to delete your IP address from Auto IP Blocking History and the Security Exceptions Log. Even with the Whitelist you're sort of in never never land until you unblock everything. The Whitelist prevents you from getting added to the Exceptions Log.

Please check your Session Lifetime setting in Global Configuration, on the System tab. If the session is timing out, that would account for why you're getting thrown out of the back end.


Dale L. Brackin
Support Specialist


English: native • My time zone is EST (UTC -5)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

conticreative
Thank you for the reply. Actually, the reason why I proceeded to submit the ticket is that I indeed first removed my IP from the Auto IP Blocking History and the Security Exceptions Log. After that, I placed my IP in the whitelist and then I was able to use the site for approximately 10 to 20 "actions" (I was actually checking on updates and I needed to turn off a few modules/plugins I no longer was going to use).
That's when I got added to the blacklist again.

Let me see if I can explain (as best I can remember now) what happened step by step:

1) I logged in using Roboform, my password manager. That meant I used it as a bookmark and RF took me to the hidden admin login page in the backend and then logged me in.

2) At that point I had full access to the website and I was able to work on a few things. For instance, I updated the Joomla version, I updated Akeeba Backup and Admin Tools. Even after the updates I had full access to the site and no problems until, seemingly randomly, I was kicked out and saw the alert as I explained in my OP.

3) At this point, I simply went to my FTP program and renamed "main.php" which gave me back access to the site.

4) This is when I deleted my IP from wherever I found it in the blacklist. It wasn't in the permanent one but it was in the Auto IP Blocking History and the Security Exceptions Log.

5) Next, I added my IP to the Whitelist.

6) After this is when I renamed main.php back to its proper name and I was once again able to interact with the site's administration for about 5 to 10 minutes, until I got blocked again.

Given the above, what worries me is not so much the blacklist or whitelist issues, but the fact that I was not trying to log in to the site at all. I was already in, and the second time I was whitelisted.

What I am trying to say is that I understand being added to the blacklist when trying to log in to the site, but I am a bit concerned about being added to the blacklist and bumped off the site while in the middle of a session.

I hope the above is more clear. I am just trying to understand what I could have done to trigger the security response and have Admin Tools blacklist my IP when I was already in the site working on fairly routine tasks.

By the way, I have not gone back to the site to check, but I will at some point and I'll let you know how it behaves.

Thank you.

dlb
Please upgrade to Admin Tools 3.6.8, released today. There is a new bug that Joomla! introduced with 3.4.7 that we needed to work around, but this doesn't sound like it.

You are actually working continuously in the back end, not leaving and coming back to it? If you are coming and going, it could be a session timeout, but that doesn't sound quite right either.


Dale L. Brackin
Support Specialist



conticreative
Indeed I never left the site. The first time it blacklisted me while I was going from one area of the admin site to another, and the second time too.

However, I updated admintool and so far I haven't been kicked out. I'll let you know if I do.

tampe125
Akeeba Staff
Hello Corrado,

please let me know if the issue is still there.
I suspect there is something triggering security exceptions, we will investigate further.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

conticreative
Thank you, Davide. I just realized that you speak Italian. Although I prefer English when it comes to computers (I left Italy in the early 80s, so my cyber experience is all in English), what I have to tell you is simple: for the moment everything works fine, but I want to wait until everyone is back from the holidays before closing this ticket.

Thank you, and I will let you know if there is anything new.

tampe125
Akeeba Staff
Perfect, let me know if everything is OK!
See you soon.

Davide Tampellini

Developer and Support Staff


System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
