Support

Admin Tools

#38013 Allowing specific url to work

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
4.2.5
PHP version
8
Admin Tools version
7.1.11

Latest post by tampe125 on Thursday, 10 November 2022 05:05 CST

Wednesday, 09 November 2022 09:05 CST

CyrusXxX

Hello dear support, I have one issue you might help me with.

 

I was setting up cron job for Jomsocial component and after setting that up in cpanel, I noticed that there is a option to execute cron from JomSocial backend if I want to speed things up.

 

But then Admin tools stopped that request and reporting reason in Blocked Request Log was:

Front Edit Admin user

and url which is stopped: 

https://e-masonic.com/index.php?option=com_community&task=cron

 

Can you tell me is there a way to allow this url to work?

 

Thank you!

 

 

 

Wednesday, 09 November 2022 10:02 CST

tampe125

Hello,

I think that the best thing to do is to create a WAF Exception for that component and view, as explained here: https://www.akeeba.com/documentation/admin-tools-joomla/wafexceptions.html

I suspect they're doing some operations that are triggering Admin Tools protection, since they are safe, we can add an exception and let them run.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 09 November 2022 15:27 CST

CyrusXxX

Hello and thank you for quick response.

I have already added entire component to WAF Exception list and in the meantime I contacted my hosting company just in case and this is their response:

 

Hello,

Thank you for your patience.
While checking some code on .htaccess file /home/emasert/public_html/.htaccess is causing this issue. While I disabled the htaccess file by renaming it to something else the wget and lynx commands both worked as below.

[root@host2 public_html]# wget -O /dev/null "https://e-masonic.com/index.php?option=com_community&task=cron"
--2022-11-09 20:30:59-- https://e-masonic.com/index.php?option=com_community&task=cron
Resolving e-masonic.com (e-masonic.com)... 185.67.45.145
Connecting to e-masonic.com (e-masonic.com)|185.67.45.145|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/xml]
Saving to: ‘/dev/null’

[ <=> ] 520 --.-K/s in 0s

2022-11-09 20:31:01 (61.5 MB/s) - ‘/dev/null’ saved [520]

[root@host2 public_html]# lynx -source "https://e-masonic.com/index.php?option=com_community&task=cron"
No videos pending for conversion.No temporary videos to delete.No files to transfer.No Videos to transfer.No avatars or cover of users needed to be transferredNo avatars or cover of groups needed to be transferredNo avatars or cover of events needed to be transferredRemoved Pending Invitation for Past Event

I have enabled the htaccess file since disabling it will cause the site's inner pages to give a 404 not found error. Therefore, kindly check this case with your developer to see what code on htaccess file is blocking access to the site with the above commands.

Please get back to us if you need any further assistance.

htaccess was generated by Admin tools and if you can please see attached zip containing .htaacces file and screenshots of setup.

 

Thank you! 

Thursday, 10 November 2022 01:58 CST

tampe125

mhm... is it possible to connect to your site so I can run some tests? Can you please tell me which URLs should I test to check?

I have made this ticket private so that only you and me can see the information posted here.

Please provide me with the following information:

  1. The URL to your site's administrator login page
  2. Super User username and password
  3. FTP connection information


Please allow up to one business day (GMT+2 timezone) for me to log in to your site and debug this issue. When I'm done I will post back. Once the issue is fixed, you can revoke my access e.g. by changing the Super Administrator and FTP passwords.

IMPORTANT INFORMATION
In order for me to help you fast and accurately, please provide the information by copying the form below, paste it into your reply and fill in the information:

----- Access Information Form -- START -----
Super Administrator access

  • URL to site's administrator page (e.g. http://www.example.com/administrator?foobar):
  • Super User username:
  • Super User password:


FTP connection information

  • FTP methods supported (e.g. FTP, FTPS, SFTP):
  • FTP Hostname:
  • FTP Username:
  • FTP Password:
  • FTP Port (if other than 21 for FTP and 22 for SFTP, ask your host):


----- Access Information Form -- END -----

Please make sure that you have tested the Super Administrator connection using a different browser or machine than the one you are using daily. Double check that logging in is possible and that the user has Super User privileges, i.e. it's not a regular Administrator. Make sure that your site does not block whole countries or IP ranges which would make it impossible for me to log in / connect by FTP. Finally, please do make sure that the FTP connection works and that logging in to it I have access to your site's files.

Kindly note that your site connection information and your site content is handled in strict confidence. Not only we are a reputable development company, we are also bound by law (EU GDPR) to do so. After you file your reply, the connection information to your site will be stored in an encrypted, hidden storage area on our site and will be automatically deleted when this ticket is closed. Finally keep in mind that the people providing support to you are the same developers who wrote the software you're using on your site.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 10 November 2022 02:40 CST

CyrusXxX

Hello Tampe, yes I can provide you with login data here it is:

Login admin url:

https://e-masonic.com/administrator/index.php?regent

 

htaccess username and pass:

CyrusXxX

myhvtwq49mqrpVFF!

Joomla admin:

[email protected]

myhvtwq49mqrpVFF!

 

FTP is disabled but I have installed for you component called FF Explorer and with it you can edit any file and have access to the database if needed.

 

Regarding what url is triggering with cron: https://e-masonic.com/index.php?option=com_community&task=cron

You can also go to  Components/Jomsocial and in top right corner you will see button Notifications, click on it and then on  Unsent mails. EWhen opened you will see Execute cron button see image in att.

in my cpanel I have active:

wget -O /dev/null "https://e-masonic.com/index.php?option=com_community&task=cron" > /dev/null

and

lynx -source "https://e-masonic.com/index.php?option=com_community&task=cron" > /dev/null

They are executing on every 5 minutes.

 

I have removed Jomsocial yesterday from WAF exceptions as it did not make any direfence, just to infom you.

 

Thank you!

 

Thursday, 10 November 2022 05:05 CST

tampe125

Ok, I got what's going on.

Inside the Htaccess Maker, you set the option to block specific user agents, one of them is WGET, which is the default user agent used by the wget CLI program. There are two ways to fix this:

- remove the wget user agent from the blocked list
- when you run your commands, tell wget to use a different user agent using the --user-agent option, for example wget --user-agent "Foobar" www.example.com

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Easter vacation: We will be closed from 17 April 2025 16:00 UTC to 21 April 2025 06:00 UTC due to observing the Christian Easter holiday. Support will be closed during that time for both new tickets, and replies to existing tickets.

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!