Support

Admin Tools

#27939 My client site blocking me out

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Thursday, 13 July 2017 17:17 CDT

Tuesday, 13 June 2017 03:40 CDT

hemun
Hi, this has been going on for three days now, i cannot access to my clients site, except once in a day and after a while, Admin Tools (or something else) is kicking me out. It's taking long to load the page and then, nothing, just white page loading forever in everywhere, even on public site.

I have named plugins/system/admintools/admintools/main.php to main-disable.php, then i got in one time, but after trying edit the article, or add an image, and when i clicked "save" it threw me out again. Actually, loading the page for ever and ever, it didn't even give the warning "you are spammer, hacker or otherwise bad person".

This morning i got in once again, and managed to save my ip to whitelist, and remove my own security exceptions. Then it locked totally again, and no hope even getting to live site. My client can get to live site though! So i blocked out the server problem...!
I even managed to login via ipad, with another wifi, but when i save something, or anything, it goes again to white page, loading forever...

Cannot even check my Admin Tools Pro version, but it's previous version, because i don't manage to update the newest! Nor Joomla version...
Can i safely update Joomla and Admin Tools manually via ftp?

Please help me soon!

Tuesday, 13 June 2017 03:54 CDT

nicholas
I have named plugins/system/admintools/admintools/main.php to main-disable.php, then i got in one time, but after trying edit the article, or add an image, and when i clicked "save" it threw me out again.


If you did that and the problem persists then it's not coming from Admin Tools. When you rename the plugins/system/admintools/admintools/main.php file your site can no longer load Admin Tools' code. Therefore the problem you are experiencing is with the host.

Actually, loading the page for ever and ever, it didn't even give the warning "you are spammer, hacker or otherwise bad person".


Yet another conclusive indicator that it's a hosting issue.

This morning i got in once again, and managed to save my ip to whitelist, and remove my own security exceptions. Then it locked totally again, and no hope even getting to live site.


You keep adding nails to the coffin of this issue. It's definitely a hosting issue.

My client can get to live site though! So i blocked out the server problem...!


This is a false conclusion since your client is not using the same ISP, IP address, browser and computer as you. Considering that the host may actually be blocking you because of what their server mistakes as an attack patterns your conclusion seems to not be grounded on any facts.

I even managed to login via ipad, with another wifi, but when i save something, or anything, it goes again to white page, loading forever...


This, again, points to a server issue. Have you not spotted the pattern yet? When you try to save anything it locks you out. This points me to two possible directions:
- A server module such as mod_security2 or mod_evasive which mistakes your requests as an attack.
- A networking issue, plausible only if you and your client are on different countries.

In case you don't believe me you can simply completely delete plugins/system/admintools. This means that Admin Tools' code can not load (since it's no longer there!) and replace the .htaccess file with the stock one from Joomla!. If your problem persists you'll know that it's something coming from the server. If that magically fixed everything your issue was something in the .htaccess file.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 13 June 2017 04:02 CDT

hemun
Ok, thank you for your help, i believe you, so server must have some kind of firewall, which blockes me out... just noticed that my todays ipad login was blocked also via Admintools; this is what i see in my admintools_breaches.log, marked today:

Blocking reason: ipwl

Found the explanation for this> Code: ipwl
Someone tried to access your site's administrator section but he didn't provide the secret URL parameter. Admin Tools blocked him and prevented him from seeing the login page at all.

Even if i have a correct secret URL-parameter (shows in the error too!) it got me in once, and then the white page without "You are a spammer" warning...
Could it be that both Admin Tools AND server are kicking me out!?
Or why is this ipwl -error in my logs...?

Tuesday, 13 June 2017 04:28 CDT

nicholas
Again, when you rename the main.php file or delete the entire plugin folder there is no Admin Tools code being loaded. In the first case it can't load because you renamed the file. In the second case it can't load because it's not there. Based on what you are saying you did neither, making my explanation invalid since it was based on the assumption that what you said about renaming main.php was true.

As for IPWL it's something entirely different. It's the administrator IP whitelist (you tried to access the site from an IP address which is not in the whitelist). However, this is either an old log entry OR you have not renamed the main.php file. In the former case it's useless and irrelevant. In the latter case try actually renaming the file, log in and then disable the administrator IP whitelist from the Configure WAF page.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 13 July 2017 17:17 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
Edited by on 2017-07-13 17:17 CDT

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!