Support

Admin Tools

#25629 IP Blacklist

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Sunday, 17 July 2016 06:01 CDT

brittsan
"If this kind of security exception repeats itself, please log in to your site's back-end and add this IP address to your Admin Tools's Web Application Firewall feature in order to completely block the misbehaving user."

I am not sure where I should add this IP address. In WAF Blacklist or Site IP Blacklist?

Are these people that are actually trying to login to the site, I wonder why!?!?

Thanks!!!

nicholas
Akeeba Staff
Manager
The IP address is mentioned in the email. It's also available in Admin Tools, Web Application Firewall, Security Exceptions Log.

However, you shouldn't need to block IPs yourself. Just let Admin Tools handle that for repeat offenders. It's very efficient! Go to Admin Tools, Web Application Firewall, Configure WAF, Auto-ban Repeat Offenders and set it up per the following screenshot, replacing "YOUR EMAIL HERE" with your actual email address.


Moreover, I'd recommend scaling down on all the emails from Admin Tools. I personally consider them an overkill since Admin Tools handles IP blocking by itself and everything is logged anyway. In order to disable those emails just go to Admin Tools, Web Application Firewall, Configure WAF, Logging And Reporting and delete the contents of the text box next to "Email this address on security exceptions".

Finally, on your question why these people are trying to log in to your site it's the same as with any perpetrator: to make money, illicitly. If they could guess your Super User username and password they'd get control of your site. They could then use it for a number of illicit purposes such as sending spam, attack other sites or make it a part of a botnet (network of compromised computers used to perform a number of illegal activities in a way that makes it hard to get caught). These hackers make lots of money out of these activities, hence their persistence in trying to brute force your site's login. Admin Tools is designed to protect you against these people.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!