Support

Admin Tools

#28318 Admin Tools detected security exceptions from 'private network' IP addresses.

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Friday, 29 September 2017 17:17 CDT

Monday, 28 August 2017 23:15 CDT

muddauber
I get the following message in ADMIN TOOL PRO 4.3.0:
"Admin Tools detected security exceptions from 'private network' IP addresses. This usually means that there is a CDN or reverse proxy in front of your site. If this is a live site please enable the IP Workarounds option to fix this. If, however, you are running this site on your local computer or an Intranet you can safely ignore this message."

I am using my website on Rochen Hosting Services under a shared plan and unable to find documentation on this problem. The options are:
- Enable IP Workarounds
- Ignore

Can you direct me to how to handle this? Thanks for a wonderful product.

Tuesday, 29 August 2017 01:29 CDT

nicholas
Per the message, since this is a live site the only valid option is Enable IP Workarounds.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 29 August 2017 22:29 CDT

muddauber
Thank you for your response.

I am getting a lot of attacks lately, is this opening up anything that I need to worry about?

Also, I have set my Geographic Blocking to exclude most countries, but continue to get alerts of
attacks from China,Poland,Spain,Russian Federation, etc etc. Are these attacks able to get to my site or are they
blocked as they make an attack?

Wednesday, 30 August 2017 01:24 CDT

nicholas
IP workarounds are only required on very specific servers. Namely, when you have a CDN, reverse proxy, external firewall (like Sucuri) or load balancer in front of your web server and you have not configured your web server to report the real client's IP address by parsing the X-Forwarded-For HTTP header. If IP workarounds are disabled for these servers the only reported IP address will be a private network address.

Your site seems to fall in this category. By enabling IP workarounds you will let your site "see" the real IP address of the attacker instead of the internal network address of the reverse proxy in front of your site. Therefore Admin Tools will be able to block the attacker automatically.

The GeoBlock will not work if your site does not see the real IP address of the attacker. Moreover, there are some security exceptions which get evaluated before GeoBlocking, namely anything that has to do with logging in a user. This is due to the way Joomla! itself works under the hood. The user login events precede the earliest event non-core code can hook into (the "application is initialised" event). As a result the user login security exceptions precede the main body of security checks, including Geographic IP Blocking.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 29 September 2017 17:17 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!