Support

Admin Tools

#28350 HikaShop Add to Cart & Admin Tools

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Wednesday, 04 October 2017 17:17 CDT

kchahine
Hi,
I have a puzzle that I wasn't able to explain but to suspect the behaviour of WAF in Admin tools. It seems that the "Add to Cart" button of HikaShop will not function if I am connected to unsecure network such as direct mobile data or public wifi, the problem seems to be resolved if I am connected to a secure WIFI (such as home). My question is: would there be anything in WAF that could block the "Add to Cart" button HikaShop while connected to public WIFI or Mobile Data?

nicholas
Akeeba Staff
Manager
Let's make sure that the problem is indeed caused by Admin Tools. In order to do so, try the following:

1. Try setting the Error Reporting level in your Global Configuration to "None". Many errors are caused by harmless PHP Notices and Warnings being output to the browser, breaking anything which requires HTTP header manipulation such as Joomla!'s session management, AJAX calls and download systems.

2. Try to replicate the issue after disabling the "System - Admin Tools" plugin. If you can still replicate the issue, it is not caused by Admin Tools. Disabling that plugin means that Admin Tools code (including the Web Application Firewall) is not running on your site.

3. If you suspect an issue with the .htaccess file, replace its contents with the contents of the stock htaccess.txt file shipped with every version of Joomla!. If you are on GoDaddy please wait for 1-30 minutes for the changes to be effective. Then, retry loading the problem page. If you can still reproduce the error, then it is not caused by .htaccess Maker.

If doing any of the above resulted in the issue still occurring, it's not related with Admin Tools and we can't help you. If doing any of the above did stop the issue from occurring, we'll have to do some troubleshooting.

First go to Admin Tools, Web Application Firewall, Configure WAF. Make sure "Log security exceptions" is set to Yes; if it's not, set it to Yes and click on Save. Now try reproducing your issue. Immediately after that, please go to Admin Tools, Web Application Firewall, Security Exceptions Log. The latest log entry at the top should have the date and time of when the issue occurred. Please copy the Reason and Target URL here so that we can further help you.

If, however, you do not see a log entry, or the Date and/or IP address do not match your last access, this problem is not caused by Admin Tools' WAF. In this case, you will have to do some .htaccess troubleshooting. You may need to read the general .htaccess troubleshooting page, as well as the page on finding out necessary .htaccess exceptions.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

kchahine
Hi,
I check your first suggestion and I couldn't see any error reporting being enabled.
I tried to disable System - Admin Tools but failed as I wasn't allowed to do it. I tried to find a source on how to do it but couldn't, any documentation about it?
Also, contacted HikaShop support and they seem to find the source of the problem and their response was:
-------------------------------------
The add to cart ajax request returns an error :
monosnap.com/file/XmXqbLmTqzbNe3tmEHHPMnNaOhlqSF
This looks like an issue with a security component.
------------------------------------------------

I will continue with other suggestions after attending to the above with you.

kchahine
Hi,
I managed to disable the admin tools and it seems to have resolved the issue, so definitely it is caused by Akeeba Admin tools (in combination perhaps with the new template I am using)

kchahine
Apology for this second post but I managed to create a Staging copy (staging1.morenadancewear.com.au) of my website and I disabled the admin tools component as seen in the following picture:
https://1drv.ms/i/s!AmJWpvLPje2ggd1P341EvRfVlD1F4A
It seems all to have worked properly, however implementing the same to my live website seems to not work at all. In addition to "Add to Cart" not working the website is dispaying a message of component not found (header the website seems to execute but no content being processed, on public WIFI).

kchahine
Again, apology for the constant posts but I managed to resolve the issue with my website by disabling all instant of Admin Tools components. The resolution was by also clearing all cache. I would like to have Akeeba Admin Tools as I find it to be very useful, is there a way to keep the best of all worlds?
In the meantime I need to disable all so my business continue to function properly online!

nicholas
Akeeba Staff
Manager
The following has to take place on a site where you have both HikaShop and Admin Tools enabled. First go to Admin Tools, Web Application Firewall, Configure WAF. Make sure "Log security exceptions" is set to Yes; if it's not, set it to Yes and click on Save. Now try reproducing your issue. Immediately after that, please go to Admin Tools, Web Application Firewall, Security Exceptions Log. The latest log entry at the top should have the date and time of when the issue occurred. Please copy the Reason and Target URL here so that we can further help you.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

kchahine
Hi Nicholas,
The HikaShop team managed to find a solution to the problem, they advised to add ajax to "List of allowed tmpl= keywords". They also realsaed a new version which will be using "raw" script instead of "ajax".
I tested the website and it seems to be working now. Any suggestion at this stage?

nicholas
Akeeba Staff
Manager
Oh, that's a very old bug I had reported to Nicolas of HikaShop back in April 2017 when we met in JoomlaDay Norway. I had not received any more reports after that so I thought they had already fixed it :)

His suggestion works and is neutral with regards to security. So I'd say that I have no other suggestions. The solution is acceptable.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!