Support

Admin Tools

#30310 404 on administrator after Updating cPanel

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Friday, 02 November 2018 18:17 CDT

Monday, 01 October 2018 09:34 CDT

myaviation
Ok about a week ago I updated my VPS with inmotionhosting.com to allow me to get the newest version of php to 7.2

Before we had I belive it was called PHP Manager - this was just a simple way for me to go in and change my php from 5 to 7 that it..

As Joomla now require higher version I asked my Hosting Company to allow me to go higher..

So they installed on my VPS (WHM)

With the update to EasyApache, the hosting system was able to update to the latest cPanel version. This included two new tools within the cPanel interface for adjusting PHP values for the account: MultiPHP INI Editor and MultiPHP Manager .

Then right after this upgrade some of my Joomla sites I coudn't access the ADMIN folder with your String for extra security
http://vbyc.ca/administrator/index.php?4P5siyka

So I disable the admin tools but that didn't work - thought it was somehting to do with my Directory Security, that didn't work..

Then After numerious calles with there support team and looking at some stuff I noticed that this new MultiPHP Manager put on the bottom of the public_html .htaccess file 

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php5_module>
   php_flag asp_tags Off
   php_flag display_errors Off
   php_value max_execution_time 300
   php_value max_input_time 600
   php_value max_input_vars 1000
   php_value memory_limit 512M
   php_value post_max_size 256M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php54"
   php_value upload_max_filesize 256M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php70” package as the default “PHP” programming language.
<IfModule mime_module>
  AddType application/x-httpd-ea-php70 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit


As this code wasn't in my .htacess file before the MULITPHP MANAGER WAS INSTALLED. And inmotionhosting told me and told me that I PUT THIS IN MY .htaccess file over and over.. but it was this new Multiphp manager that did this.. And before this code my http://vbyc.ca/administrator/index.php?4P5siyka worked I could go in and do what i wanted..

So after another Support EMAIL they are tell me this. - that the OLD WORKING .HTACCESS FILE is causing the issues that was generated from akeeba ADMIN. that was working just fine.. (I have 34 sites and only 4 of them are having this issue)

As there seems to be some confusion regarding the .htaccess coding these tools use, I will clear this up first. The MultiPHP INI Editor editor allow for adjusting PHP values on a per domain basis and results in the following coding being added to the .htaccess file for the site to set these values locally:



<IfModule php5_module>

php_flag asp_tags Off

php_flag display_errors Off

php_value max_execution_time 300

php_value max_input_time 600

php_value max_input_vars 1000

php_value memory_limit 512M

php_value post_max_size 256M

php_value session.gc_maxlifetime 1440

php_value session.save_path "/var/cpanel/php/sessions/ea-php54"

php_value upload_max_filesize 256M

php_flag zlib.output_compression Off

</IfModule>



The above lines are simply limit values for PHP. The MultiPHP Manager tool allows modification of the PHP version used to load the site and appends the following type of lines to specify the version to use:



<IfModule mime_module>

AddType application/x-httpd-ea-php70 .php .php7 .phtml

</IfModule>



Both these blocks of code specifically apply to PHP and would not directly affect any redirect coding also in the .htaccess. Knowing this, we have reviewed the .htaccess file to see if any specific coding could be linked to the reported 404 error at "https://bordercityaviation.com/administrator". We found that when specifically removing the following coding in the .htaccess the administrator page loads on our end, but when this coding is replaced the 404 error does recur:



##### Joomla! core SEF Section -- BEGIN

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$

RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

RewriteCond %{REQUEST_URI} !^/index\.php

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.[^.]+)$ [NC]

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$

RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$

RewriteRule .* index.php [L]

##### Joomla! core SEF Section -- END



For the time being, we have commented out this redirect coding within the .htaccess to prevent it from being run. We would advise to reach out to a Joomla! developer for diagnosis of this redirection itself. If they feel its necessary, we're more than happy to make any system level changes they recommend.



Sorry for this long email - As i'm just lost on this issue..

Monday, 01 October 2018 10:08 CDT

nicholas
OK, lots of things going on here. Let me start by fixing your issue. You have misdiagnosed it. Please remove the .htaccess and .htpasswd files from your site's administrator folder. This should let you log back into your site. Then you can use the Password Protect Administrator feature again to lock down access to the administrator folder. If that fails you need to contact your host and tell them to check why password protecting a folder does not work.

Please note that this is unrelated to the Administrator Secret URL Parameter feature you are talking about. The administrator password protection takes place inside Apache (the web server) itself, before Joomla! is loaded. The administrator secret URL parameter takes place inside Admin Tools, after Joomla! has started loading.

Regarding the code which was added to your .htaccess file, I don't know what your host is smoking but you are right. This is, indeed, added by the multi PHP version manager. The line
AddType application/x-httpd-ea-php70 .php .php7 .phtml
looks like how most hosts let you change your PHP version on the fly: using an AddType directive to the .htaccess file. Our host, SiteGround, uses a similar AddType directive. The exact content of that directive depends on the server setup. I think you may have hit on a new support agent who doesn't understand what's going on. It's best to ask to escalate the issue.

The stuff wrapped inside the IfModule section are also added by the host-provisioned software as it is very clearly and explicitly state. However they are probably ignored since the PHP 5 Apache module is not applicable on your server (after all, they moved you to the VPS to use PHP 7).

In any case, these directives have nothing to do with your problem.

Regarding what they wrote about the directives they removed, I wonder if they have any idea what they are doing at all. These directives, as explained in the header above (which they included in their reply!!!), are used by Joomla! to implement SEF URLs. By removing them they have disabled SEF URLs. They also have NOTHING to do with your problem.

So, yeah, you have ended up talking with a support tech who's a newbie, knows enough to be dangerous but not enough to help. It happens.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 01 October 2018 10:14 CDT

myaviation
But they are telling me its this LINE - that is causing the 404 page not found..

DO you have a Basic .htaccess nothing in it I saw it once on your Site but can't find it - I want to start the .htaccess with a clean version then start adding stuff to it..

We found that when specifically removing the following coding in the .htaccess the administrator page loads on our end, but when this coding is replaced the 404 error does recur:

##### Joomla! core SEF Section -- BEGIN
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/index\.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.[^.]+)$ [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteRule .* index.php [L]
##### Joomla! core SEF Section -- END

Tuesday, 02 October 2018 07:01 CDT

nicholas
OK, I will tell you in detail what is going on and why you should ultimately change hosts (too bad, I thought InMotion had half a clue).

The administrator password protection feature in Admin Tools is, in fact, not implemented as a feature in Admin Tools, Joomla! or any PHP code. It simply creates a .htaccess and .htpasswd file in your administrator directory. The .htaccess file says: "Access to this folder is to be allowed only to users who have logged in using HTTP Basic Authentication. The list of usernames and (hashed) passwords can be found in the file .htpasswd in the same folder". This means that whenever a browser tries to access any URL under /administrator on your site they will prompt you to enter a username and password before being able to access it.

But... how does the browser know to ask you for a username and password? The web server (Apache) sees that your browser has not sent an HTTP Basic Authentication header in the request. Internally, Apache converts it to an HTTP 401 Authorization Required error. This will be sent to the browser and the browser knows to ask you for a username and password. Then the browser resends the request with the username and password in the HTTP Basic Authentication header and Apache continues processing the request, loading Joomla! etc.

That is, IF Apache sends the HTTP 401 Authorization Required error to the browser. This is exactly where the root cause of the issue occurs.

Apache has a feature called "custom error pages". You can tell Apache "hey, if you see an error code 500 don't show your default error message, instead try to show this file to the user". Your host has set up custom error pages for all HTTP errors, including 401 Authorization Required. So when Apache sees that it has to send a 401 error message to the browser to let it know that it requires HTTP Basic Authorization to proceed it looks for the missing file.

Now, either of the following happens (I can tell you which one since I don't have access to the server):

A. the custom error page is a file which does not exist. This causes Apache to convert the error from 401 Authorization Required to 404 Not Found. Therefore you get a 404 Not Found error.

B. the custom error page is a URL. In this case Apache converts the 401 Authorization Required error message to an internal redirection. Apache tries to load that URL. I believe that the URL is not a real file present in your web root but an internal redirect they have set up. Since Joomla's SEF URL handling has priority it kicks in and tries to process it. Since the URL is not a valid Joomla! page you get a 404 error from Joomla! which gets propagated to Apache. This would explain why removing Joomla!'s SEF URL block (the entire block, not just a single line) "fixes" the issue BUT breaks YOUR site's SEF URLs.

The root cause of your issue is that your host has enabled Apache custom error pages without asking you and without ensuring that the files / URLs they are pointing to can be served by your site. Moreover, they do not know how Apache works and they insist that the problem is Joomla's SEF URL handling which defies all reason. In fact, Joomla!, WordPress, Drupal and literally every single PHP script with URLs not including index.php uses a similar block in their .htaccess files. So your host claiming that this block is a problem is asinine, plain and simple.

If your host is too incompetent to know how Apache redirections work maybe it's time to move a different host that actually knows a thing or two about hosting web sites.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 02 October 2018 08:31 CDT

myaviation
Ok I have an update

1. I was on EasyApach 3 then they moved me to EasyApach4 (this is where MultiPhp Manager came to the picture)

2. So now when I change anything in my Admin tools for the .htaccess file this new EasyApach4 with the MultiPHP Manager - it Deletes this important line of code 

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php70” package as the default “PHP” programming language.
<IfModule mime_module>
  AddType application/x-httpd-ea-php70 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit


As then if this is not showing it will give my website.com a "ERROR" - then i have to go back to the MultiPHP Manager and then Re APply the PHP 7.0 (as 7.1 or .2 won't run for this certain website not sure why? but thats another issue)

3. So Now I can get to my website admin folder www.vbyc.ca/administrator without the 404 page not found issue

4. So now I"m going to put on the Administrator secret ULR - and now its working
- its working with the .htaccess directory Security for the admin folder
- I have no clue now its working now..
- As Again i have 40 Websites and only 4 of them have issues.. when the EasyApach4 was installed..

5. But I need to do some testing as my sites where all in joomla 3.8.10 and not sure if that caused any of the issues.. as I updated this site to 3.8.12 and now its seems to be stable..

But what an issue with this MultiPHP Manager -

Thanks for you support - I'll post if anything changes as I'm going to try to now fix my 3 other Sites that worked and not working - I'll try to apply this same .htaccess file and see if that works.

This is just a question do you have any Security Good settings to apply for the PHP.INI file as to what to set all to for the best security and Permissions.

allow_url_fopen = Off
allow_url_include = Off
display_errors = Off
enable_dl = Off
file_uploads = On
max_execution_time = 300
max_input_time = 600
max_input_vars = 1000
memory_limit = 512M
post_max_size = 256M
session.gc_maxlifetime = 1440
session.save_path = "/var/cpanel/php/sessions/ea-php70"
upload_max_filesize = 256M
zlib.output_compression = Off

Tuesday, 02 October 2018 10:00 CDT

myaviation
Ok - just tried a new Domain that I was having issues on
- this is a site useing joomla 2.x
- php 5.6
- note i know its out of date but client doesn't want to move..

So this is the issue - Can't add on the Secrete URL
1. If i Add it it just goes to the 404 page not found
- very odd.

Add the directory security - without the secrete url
1. If I put this on either from the admin tools or the cPanel it comes again with a 404 page
- could it be something in the public_html .htaccess file that is causing this? or as you stated something wrong on the updated EasyApach4? or something set in the DEFAULT php.ini file?

here is my .htaccess for this site. 

### ===========================================================================
### Security Enhanced & Highly Optimized .htaccess File for Joomla!
### automatically generated by Admin Tools 3.4.2 on 2018-10-02 14:19:13 GMT
### Auto-detected Apache version: 2.5 (best guess)
### ===========================================================================
###
### The contents of this file are based on the same author's work "Master
### .htaccess", published on http://snipt.net/nikosdion/the-master-htaccess
###
### Admin Tools is Free Software, distributed under the terms of the GNU
### General Public License version 3 or, at your option, any later version
### published by the Free Software Foundation.
###
### !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
### !!                                                                       !!
### !!  If you get an Internal Server Error 500 or a blank page when trying  !!
### !!  to access your site, remove this file and try tweaking its settings  !!
### !!  in the back-end of the Admin Tools component.                        !!
### !!                                                                       !!
### !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
###

##### RewriteEngine enabled - BEGIN
RewriteEngine On
##### RewriteEngine enabled - END

##### RewriteBase set - BEGIN
RewriteBase /
##### RewriteBase set - END

##### Custom Rules (Top of File) -- BEGIN
## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 1 month"
</IfModule>
## EXPIRES CACHING ##
##### Custom Rules (Top of File) -- END

##### File execution order -- BEGIN
DirectoryIndex index.php index.html
##### File execution order -- END

##### No directory listings -- BEGIN
IndexIgnore *
Options -Indexes
##### No directory listings -- END

##### Redirect index.php to / -- BEGIN
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^index\.php$ http%2://www.bordercityaviation.com/ [R=301,L]
##### Redirect index.php to / -- END
##### Rewrite rules to block out some common exploits -- BEGIN
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
RewriteCond %{QUERY_STRING} base64_(en|de)code\(.*\) [OR]
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\[0-9A-Z]{0,2})
RewriteRule .* index.php [F]
##### Rewrite rules to block out some common exploits -- END
##### File injection protection -- BEGIN
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
##### File injection protection -- END

##### Advanced server protection rules exceptions -- BEGIN
RewriteRule ^administrator\/components\/com_akeeba\/restore\.php$ - [L]
RewriteRule ^administrator\/components\/com_admintools\/restore\.php$ - [L]
RewriteRule ^administrator\/components\/com_joomlaupdate\/restore\.php$ - [L]
RewriteRule ^templates\/yoo_infinite/ - [L]
##### Advanced server protection rules exceptions -- END

##### Advanced server protection -- BEGIN

RewriteCond %{QUERY_STRING} \=PHP[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} [NC]
RewriteRule .* - [F]
## Back-end protection
RewriteRule ^administrator/?$ - [L]
RewriteRule ^administrator/index\.(php|html?)$ - [L]
RewriteRule ^administrator/index[23]\.php$ - [L]
RewriteRule ^administrator/(components|modules|templates|images|plugins)/.*\.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|mpg|mp3|mpeg|mp4|avi|wav|ogg|ogv|xls|xlsx|doc|docx|ppt|pptx|zip|rar|pdf|xps|txt|7z|svg|odt|ods|odp|flv|mov|htm|ttf|woff|eot)$ - [L]
RewriteRule ^administrator/ - [F]
## Disallow access to htaccess.txt, php.ini and configuration.php-dist
RewriteRule ^(htaccess\.txt|configuration\.php-dist|php\.ini)$ - [F]
##### Advanced server protection -- END

##### Joomla! core SEF Section -- BEGIN
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/index\.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.[^.]+)$ [NC]
RewriteRule .* index.php [L]
##### Joomla! core SEF Section -- END


# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php56” package as the default “PHP” programming language.
<IfModule mime_module>
  AddType application/x-httpd-ea-php56 .php .php5 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

Tuesday, 02 October 2018 10:07 CDT

nicholas
Regarding #2. Yes, it does since it regenerates the .htaccess from scratch. You have to add that code to the "Custom .htaccess rules at the bottom of the file". Actually, the documentation tells you that this area is primarily for this kind of directives :)

Regarding #4. That's because by upgrading your account they removed the custom error pages. Which is what they should have done from the start.

Regarding #5. No, the Joomla! version is completely irrelevant.

Regarding what "MultiPHP Manager" is. It's a feature of cPanel, the hosting control panel software used by your host. It allows you to choose which one of the many available PHP versions on the server is to be used on the site or even specific folders. For more information please take a look at its documentation https://documentation.cpanel.net/display/74Docs/MultiPHP+Manager+for+cPanel

Regarding the PHP settings, I have some observations. I am only including the lines I would change and why,

allow_url_fopen = On
This is NOT a security issue. This only allows your server to read files from remote servers. This is used when Joomla! is fetching update information and the updates themselves both for Joomla! itself and its extensions. Disabling it might cause updates to fail which is a major security issue.

The PHP security issue of allowing the inclusion of remotely hosted executable code is already mitigated (= fully solved) by the previous line, allow_url_include = Off.

max_execution_time = 30
Their default, 300 seconds, is a full 5 minutes. That's excessive. If an extension has a coding error this will most definitely lead to a server crash. 30 seconds is a happy compromise. Long enough to do useful but time intensive operations (like taking backups) but short enough to prevent a buggy extensions from killing your site.

memory_limit = 128M
If your Joomla! site requires more than 128M of memory to render a page you should REALLY consider simplifying it. In fact, 128M is more than an ample amount of memory for really long data crunching operations. I should know, I have the experience of writing a CRON job script which had to go through 70,000 users and all their posts, downloads etc (millions of rows!) to send out emails to those who hadn't logged in for more than 18 months and would have their accounts deleted. 128M got me a good 8,000 records before I ran out and that's because I couldn't be bothered to fix a slow memory leak I knew the source of but would be a total pig to permanently resolve.

post_max_size = 10M

upload_max_filesize = 8M

There's no reason to allow 256MB files to be uploaded to the server! Remember, your server will choke while trying to process a massive upload, opening you up to a potential denial of service attack. The limits I use (10M for POST requests and 8M for file uploads) are more than enough for most practical purposes. Increasing them only makes sense if you expect your users to upload massive media (video, audio and to a lesser extent image) files.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 02 October 2018 10:09 CDT

nicholas
Regarding your last post, the problem is Apache Custom Error Pages. You need to remove them. See this https://documentation.cpanel.net/display/74Docs/Error+Pages

Remove the custom error page for HTTP status codes 401 and 404.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 02 October 2018 10:14 CDT

myaviation
Apache Custom Error Pages
As for the 401 and 404 for I checked it out for both and they are BLANK for the domain that I can't get the secrete url to work or the directory password.

Tuesday, 02 October 2018 10:14 CDT

myaviation
I will look at your above post and fix my php file thanks

Tuesday, 02 October 2018 10:27 CDT

myaviation
Ok i just did my LAST website that wasn't working here is what I did

Started at Joomla 3.8.8
php - 7.2.10
admin tools 5.1.2
.htaccess file was from a WORKING website that I just did so I know the htaccess was working

Secrete URL - didn't work had to disable Admin tools

Updated to 3.8.12
updated Admin tools to 5.1.4 (used the same .htaccess file as above)
Secrete URL - worked and the directory privacy works

So I hope you can figure this out? unless its bad code with joomla with the EasyApach4 - I"m just guessing as this is above my pay grade.

Wednesday, 03 October 2018 04:08 CDT

nicholas
Delete the .htaccess file from the site's main directory (public_html).

Delete the .htaccess and .htpasswd files from the site's "administrator" directory.

Log in to your site's backend.

Go to .htaccess Maker. Make sure the code for changing the PHP version is in the "Custom .htaccess rules at the bottom of the file" as we discussed last time.

Generate the .htaccess file using the .htaccess Maker.

Log out and log back in. You should have no problem.

Go to Admin Tools, Administrator Password Protection.

Set up a username and password.

At this point your browser should ask you to enter the username and password you just saved. Then it should display the backend of the site again.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 02 November 2018 18:17 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!