Support

Admin Tools

#30448 not able to enable Two Factor Authentication

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Sunday, 09 December 2018 17:17 CST

Molotov
Hello,
Somehow I'm not able to switch the Authentication Method to Google Authenticator.
( I'm not sure if that is because of admin tools, so please apologize if I'm wrong posting here.)
The issue is as follows:
When I want to activate it, I select Google Authenticator as activation method,
I then scan the code to see the numbers
then i enter the numbers in the field and click save.
I get a message user saved but it jumps back to the deactivate option.
Also I noticed that whatever number i enter; i get the user saved message.
No message whatsoever that the numbers are wrong.
Any idea?
Again, should that not be related to admin tools, then please apologize.
Anyway. Thanks for your help!

dlb
I think I see the problem. Please go to Web Application Firewall, Configure WAF, on the Hardening Options tab, set "Disable editing backend users' properties " to No.

Try the TFA again, I think it will be able to save the setting now.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Molotov
Hey Dale, thanks for your help!
I just tried your solution, unfortunately that did not change.
( tried to clear cache, purge sessions and and enable/disable plugin but nothing changed.)

dlb
I tested on one of my sites and it worked like a charm. The Admin Tools setting that I mentioned above was already off for that site. That setting would definitely affect the TFA setup, depending on the user type. It only applies to back end users.

Let's make sure that the problem is indeed caused by Admin Tools. In order to do so, try the following:

1. Try setting the Error Reporting level in your Global Configuration to "None". Many errors are caused by harmless PHP Notices and Warnings being output to the browser, breaking anything which requires HTTP header manipulation such as Joomla!'s session management, AJAX calls and download systems.

2. Try to replicate the issue after disabling the "System - Admin Tools" plugin. If you can still replicate the issue, it is not caused by Admin Tools. Disabling that plugin means that Admin Tools code (including the Web Application Firewall) is not running on your site.

3. If you suspect an issue with the .htaccess file, replace its contents with the contents of the stock htaccess.txt file shipped with every version of Joomla!. If you are on GoDaddy please wait for 1-30 minutes for the changes to be effective. Then, retry loading the problem page. If you can still reproduce the error, then it is not caused by .htaccess Maker.

If doing any of the above resulted in the issue still occurring, it's not related with Admin Tools and we can't help you. If doing any of the above did stop the issue from occurring, we'll have to do some troubleshooting.

First go to Admin Tools, Web Application Firewall, Configure WAF. Make sure "Log security exceptions" is set to Yes; if it's not, set it to Yes and click on Save. Now try reproducing your issue. Immediately after that, please go to Admin Tools, Web Application Firewall, Security Exceptions Log. The latest log entry at the top should have the date and time of when the issue occurred. Please copy the Reason and Target URL here so that we can further help you.

If, however, you do not see a log entry, or the Date and/or IP address do not match your last access, this problem is not caused by Admin Tools' WAF. In this case, you will have to do some .htaccess troubleshooting. You may need to read the general .htaccess troubleshooting page, as well as the page on finding out necessary .htaccess exceptions.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Molotov
Hello Dale,

Many thanks for your help.
I followed your steps and unfortunately (for me) It didn't solve the issue.
I deativated admin tools => same issue
i renamed the .htaccess file to disable it temporarely => same issue
Whatever i type in into the field where i should enter the tfa code, i get an user saved message and it doesn't switch to tfa.
I even can type letters, as long as the field is not empty, i do not get an error message.
I think it has to do something with the server?
(i read that the server has to have mcrypt activated for tfa to work, but it does have mcrypt activated, so i do not know more...)
Thanks anyway for your great great support!

dlb
When you disable the plugin and swap out the .htaccess file, Admin Tools is completely disabled. I don't think Admin Tools is causing the problem.

I don't know much about how this TFA works, I know enough to be able to use it. Logically, it has to communicate with Google's servers. It's possible that your host has a firewall that is blocking access to Google. I think the next step is to talk to you host.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Molotov
Thanks alot for your help.
I found that I'm not the only one with similar issue. (looking in the joomla.org forum...)
anyway, if I find a solution, i'll let you know.
Thanks again!

dlb
You're welcome!


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!