Support

Admin Tools

#30005 404 Exceptions and the Blacklist

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Friday, 24 August 2018 17:17 CDT

Wednesday, 25 July 2018 04:58 CDT

cooltide
Hi

I am getting a lot of 404 Shield notification by email (Thumbs Up for this feature!)
I would like to blacklist them straight away, after the first attempt.

They are all appearing in the Auto ban List, but not the Blacklist?

We have set the IP blacklisting of persistent offenders to: "Yes"
We have set the auto ban: Permanently blacklist IP after to "1"

Can you clarify... Should they also appear in the Site IP Blacklist, or do we have to wait until they try again? In other words more than 1 attempt?

Note: I see that I can manually add them using the "red flag" button in the "security exceptions log screen", but if they are trying these pages we want them stopped at 1 attempt, not after 1 attempt?

Have I missed something?

Thanks in advance

Colin

Wednesday, 25 July 2018 07:30 CDT

tampe125
Hello,

I just tried the Autoban and "Ban repeating offenders" feature and it's working correctly when using default values (temp ban after 3 exceptions, permanent ban after 3 temporary ban).
I strongly suggest you to not immediately ban you users after one security exception: sometimes legit users do wrong/weird things, there's no need to punish them that hard. Most of the attacks are based on trial and error patterns, so a "real" attacker would raise several exceptions, not just one.

Finally, at the moment it's not possible to assign different weights for security exceptions: you can't just ban a user for 1 404 Shield exception while allowing 10 errors for admin secret query.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 24 August 2018 17:17 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!