Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.
Latest post by on Friday, 24 September 2021 20:17 CDT
I am unable to edit any settings in the Configure WAF panel. I am immediately redirected to a 403 forbidden page.
Not sure how long this has been an issue since I rarely edit those settings but I wanted to disable the "Disallow site access to IPs in the IP Disallow List" from Yes to No and it redirects to a 403 Forbidden page.
Let me know if you need any additional information. Hoping this is a simple fix and thanks for your support!
Best,
Ralph
Hello,
Admin Tools won't block you to change those settings. It will block you at all or only if you perform specific actions.
You can always completely disable Admin Tools by manually editing the system plugin as described here: https://www.akeeba.com/documentation/admin-tools/web-application-firewall.html#help-locked-out
If you still get a 403 error, that's not coming from Admin Tools.
Once you're done, you can enable it again.
Davide Tampellini
Developer and Support Staff
🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
Hi Davide,
That tip did not help. When I disabled admin tools and went back to Web Application Firewall>Configure WAF>Basic Features> and try to change any of those features I am immediately redirected to a Forbidden page. As a matter of fact, now I see that I am unable to update any of the Web Application Firewall items. I am thinking there must be something in an htaccess file somewhere causing this?
Let's triple check Admin Tools is not involved in any way. Please replace your current .htaccess with Joomla default one.
Then try again.
If you still have a 403 error, most likely your host security settings are very trigger happy and you should contact them to report the issue.
Davide Tampellini
Developer and Support Staff
🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
I replaced htaccess file with the Joomla default and I am still getting the Forbidden error. Could it be an htaccess file lurking elsewhere? I do see one in the admintools directory with the following code:
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
<IfModule mod_authz_core.c>
<RequireAll>
Require all denied
</RequireAll>
</IfModule>
I disabled that one, as well, but still get the 403 error. Maybe I need to clear my cache after disabling that?
Those .htaccess files will block direct access to the folder, they won't block your request to Joomla index.php file.
You should get in touch with your host and report the issue, most likely there's a mod_security rule that is blocking your request.
Davide Tampellini
Developer and Support Staff
🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.
Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!