Support

Admin Tools

#24914 Admin tools blocking card payments

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Saturday, 14 May 2016 17:20 CDT

Mohairbears
 Hi, Something in admin tools is blocking card payments, If I disable Admin Tools all is ok? I have searched loads of info on here and nothing seems to work? The process goes all the way through to sending the payment info to my card provider then gives a 404 error saying Admin tools is blocking it?

thanks

tampe125
Akeeba Staff
Hello Chris,

can you please export your Admin Tools settings and attach them here?
So I can review them give you the correct solution.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Mohairbears
Output attached.

rgds

Mohairbears

tampe125
Akeeba Staff
Can you please try to disable the CSRF protection inside WAF Configuration?
Moreover, did you create your .htaccess file using the Htaccess Maker? If so, can you please double check that the feature Block access from specific user agents is set to No?

That should fix your issues.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Mohairbears
Hi, It was the CSRF it now works ok

I have created a htaccess but it still did not work with that file deleted as I tried that before contacting you, do you recommend changing that setting as well or is it ok to leave it?

thank you.

tampe125
Akeeba Staff
Do not delete the .htaccess file, since it's required by Joomla to create SEF urls (ie yoursite.com/about instead of yoursite.com/index.php?etc etc)
If the payments are stored after disabling the CSRF, you can avoid editing the .htaccess file.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Mohairbears
Hi Sorry back again re this issue.

Some payments are getting through but I am also getting payments failing with this error
FAILED (Issuer authentication expired)

I have found this information re the issue but not sure how to solve it as something is being blocked?

Issuer Authentication Expired
This message will appear 2 hours after the transaction was initially carried out if the customer has not completed 3D Secure when prompted. The same message will show if there is an issue with the merchant's website and the PaRES (the response from the Bank's 3D Secure page) is not being returned to the gateway after 3DS has been completed.

I'm guessing anyone who is not using the 3D secure is ok but those with it set up the payments are failing?

thanks

tampe125
Akeeba Staff
Do you have any security exception logged regarding the 3D payment?
Can you please try to disable Admin Tools and ask the same customer to process the same transaction with the 3D secure form prompted?
To be on the safe side, please set the Block access from specific user agents to No inside the Htaccess Maker.
Do you still get an error when everything is off?

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!