#33063 Admin Tools settings

Posted in ‘Admin Tools for Joomla! 4 & 5’
Latest post by on Thursday, 18 June 2020 17:17 CDT

kendallcc
I have replaced RSFirewall with Admin Tools because I wanted a better way to protect the access to our admin area and also because of the excellent reviews from others.

I must admit, however, that I am a little overwhelmed. I've been getting so many security exception emails like:
template= in URL, 404 shield, Admin Query String, SQLi Shield, auto-banned IP address. What does it all mean? Do I have to take any action? Today I got blocked twice while working on my creative slider component and I do not know why. Was it something that I did?

I am confused. How can I learn how to properly set up Admin Tools without getting freaked out every time I get a notification from Admin Tools?

Thank you!

nicholas
Akeeba Staff
Manager
Admin Tools is designed to block all sorts of attempted attacks, including those that have a very low to non-existent chance of success. By default, it emails you for everything it blocks – I personally find this useless but the majority of our clients asked for it, hence this being the default.

The first thing I recommend is going to Components, Admin Tools, Web Application Firewall, Configure WAF and removing your email from all settings in the Logging & Reporting tab, except maybe "Email this address on failed administrator login", because that's something you should be aware of.

Now regarding you getting blocked. It was probably because of something you did, but we can work around it if we know what it was. Once you get blocked, follow the unblocking instructions and then go to Components, Admin Tools, Configure WAF, Security Exceptions Log. Look for the entry towards the top of the list that has your IP address in it. If you're not sure what your IP address is, just go to https://whatismyipaddress.com to find out. You will see that the Security Exceptions Log entry has a Reason and a Target URL. The reasons are explained in the List of Blocking Reasons documentation page. They tell you which is the relevant setting. If you can't figure it out yourself, please start a new private ticket and give us the Reason and Target URL and tell us what you were doing when that happened so we can help you.

Configuring Admin Tools takes a bit of trial and error at first but it can be tailored exactly to your needs and how your site is set up. The learning curve is a bit steeper than other security extensions but once you configure it for your site it will protect you much better.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷 Greek: native 🇬🇧 English: excellent 🇫🇷 French: basic • My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

kendallcc
Hi there. I've followed your advice and removed my email from all notifications, just left the back end login stuff.

Today I got locked out again. I was working with the component Creative Slider and left the computer to do something else. When I came back and tried to resume work, I got a message saying that it timed out. A popup window with the front end appeared and I closed it by clicking on the X. That's exactly when I got a message from Admin Tools calling me a bad person.

Thank you!

nicholas
Akeeba Staff
Manager
"When I came back and tried to resume work, I got a message saying that it timed out. A popup window with the front end appeared"

That solves the mystery, even if you didn't give me the information I originally asked for :)

You have enabled the Administrator Secret URL Parameter feature. When you access the administrator of your site as /administrator/index.php?YOUR_SECRET_PARAMETER_HERE, Admin Tools sets a flag in your user session which says "yup, this person knows the secret URL parameter". This allows you to see the backend interface, including its login page.

If your user session expires this flag is no longer set. Any attempt to access a URL in the backend (/administrator) of your site will trigger a security exception and redirect you to the frontend of the site. If you trigger too many of them – per your Admin Tools settings – you will be locked out of your site.

By leaving your browser tab open for a period of time longer than the Session Timeout (as defined in your site's Global Configuration) your session does expire. When you tried going back there the component you were using tried to access a URL in the backend of your site, repeatedly, triggering the security exception and redirecting you to the frontend of the site. Hence the frontend page in the popup. That's how you got blocked.

The solution is simple. Do not leave your browser open to your site's backend. Log out instead.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷 Greek: native 🇬🇧 English: excellent 🇫🇷 French: basic • My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
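
A simplified model of the session flag and auto-ban behaviour described in the reply above, added here as an illustration and not taken from Admin Tools or written by its developers. The timeout, the exception threshold, the secret value, the IP address and all names are assumptions chosen for the example.

```python
# Toy model of: secret URL parameter -> session flag -> expiry -> exceptions -> auto-ban.
# NOT Admin Tools code; every constant below is an assumed value for illustration.
from dataclasses import dataclass, field

SESSION_TIMEOUT = 15 * 60   # assumed Session Timeout from Global Configuration (seconds)
AUTOBAN_THRESHOLD = 3       # assumed number of exceptions that triggers the auto-ban
SECRET = "example-secret"   # placeholder for the secret URL parameter


@dataclass
class Site:
    sessions: dict = field(default_factory=dict)    # session id -> (flag, last_seen)
    exceptions: dict = field(default_factory=dict)  # IP -> security exception count
    banned: set = field(default_factory=set)

    def request(self, ip, sid, path, query="", now=0):
        if ip in self.banned:
            return "blocked"
        if not path.startswith("/administrator"):
            return "frontend"
        flag, last_seen = self.sessions.get(sid, (False, now))
        if now - last_seen > SESSION_TIMEOUT:
            flag = False                  # session expired, so the flag is gone
        if query == SECRET:
            flag = True                   # visitor proved knowledge of the parameter
        if flag:
            self.sessions[sid] = (True, now)
            return "backend"
        self.sessions.pop(sid, None)
        # No flag: record a security exception and send the visitor to the frontend.
        count = self.exceptions.get(ip, 0) + 1
        self.exceptions[ip] = count
        if count >= AUTOBAN_THRESHOLD:
            self.banned.add(ip)
        return "redirect-to-frontend"


def replay_idle_tab(idle_seconds, background_requests):
    """Log in with the secret, idle, then let a component fire backend requests."""
    site, ip, sid = Site(), "203.0.113.10", "sess-1"   # constructed sample values
    results = [site.request(ip, sid, "/administrator/index.php", SECRET, now=0)]
    for i in range(background_requests):
        results.append(
            site.request(ip, sid, "/administrator/index.php", now=idle_seconds + i))
    return results, ip in site.banned
```

Calling `replay_idle_tab(3600, 4)` reproduces the lockout from the ticket: the component's repeated requests after the timeout each count as an exception until the IP is banned, while `replay_idle_tab(60, 4)` stays inside the session and is never redirected.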

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
