Support

LOCKED OUT OF ADMINISTRATION LOGIN
I have a website at https://www.apparel-online.co.uk which is still under development. It is running on the latest version of Joomla. Also I have just upgraded the Admin Tools extension to v4.0.2.

I have an issue with one of the other extensions (J2Store) in the system (not related to this) and provided administration access details to J2Store support staff to do some investigation. They responded by saying that they could not access the administration system. This was a surprise to me as I myself accessed the administration function just an hour or so ago to upgrade Admin Tools to 4.0.2 which seemed to go fine.

However it now seems that we are locked out of the administration system (by WAF?). If you go to https://www.apparel-online.co.uk/administrator/ it redirect me (anyone) to the frontend home page?.

I have followed your documentation and tried two things. I followed these two procedures :
https://www.akeebabackup.com/documentation/troubleshooter/atadminpw.html
https://www.akeebabackup.com/documentation/troubleshooter/atwafissues.html

Both of these procedures did not resolve the issue.

I also notice that in my emails, I have three emails saying :
We would like to notify you that a security exception was detected on your site, apparel-online, with the following details:

IP Address: 121.200.52.164 (IP Lookup: IP Lookup)

Reason: Admin Query String

If this kind of security exception repeats itself, please log in to your site's back-end and add this IP address to your Admin Tools's Web Application Firewall feature in order to completely block the misbehaving user.

Can you offer any guidance as to what might be the problem and what I might try?

The second link you posted should have gotten you back in. Please double check that main.php really is renamed. If it is, then we have a cache problem. The main.php is still in a cache, browser, Joomla!, PHP, etc. First clear your browser cache, if that doesn't work then you will need to ask your host how to manually clear the PHP 7 code cache. Waiting for the cache to expire will probably work too, but could take a while.

About your contractors, do you have any GeoIP restrictions in place?

Thank you. Yes I can now get in. I must have hit a caching problem.

Now to find the real problem.

Thanks again.

To keep you informed, I am still encountering the problem.

By renaming main.php and waiting for the cache to clear, I was now able to access the administration backend. I followed your directions in note (below) to resolve the issue.
https://www.akeebabackup.com/documentation/troubleshooter/atwafissues.html

Then I renamed main-disabled.php back to main.php.

Again I found myself locked out. So something else is triggering WAF to block me.

So once again I have renamed main.php back to main-disabled.php ....... and I am awaiting the cache to clear (I have no way to force the cache to clear). This should let me back into the administration backend.

Can you offer any advice beyond the note mentioned above that may be triggering my blocking by WAF?.

Sorry, I should have added that I have no GeoIP restrictions in place.

In Web Application Firewall, Configure WAF, on the first tab, if there is a value in the Secret URL Parameter field, you need to call your administrator login screen in the format www.mysite.com/administrator/index.php?secret - where "secret" is the contents of the Secret URL field. If you don't, you get redirected to the home page. That is the most common cause and the first run wizard will helpfully put a value in that field that many users miss.

Thank you for that advice. It sounds like the cause of the problem.

I have been in touch with my host to determine how to clear the PHP 7 cache. They say that there is no cache set in my environment so there is nothing to clear.

I can confirm that main.php has been renamed and is currently set to main-disabled.php.

However I still cannot access my administration site at https://www.apparel-online.co.uk/administrator/

Could something be cached in the Joomla cache?.

I now have access to my administration site by using the Secret URL Parameter field.

Thank you for your advice.

You are welcome!

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.