Support

Admin Tools

#38394 Server Propagation Delay?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
4.2.6
PHP version
8.0.23
Admin Tools version
7.2.1 pro

Latest post by tampe125 on Thursday, 26 January 2023 10:29 CST

Tuesday, 24 January 2023 03:44 CST

Nick_Q

Hi, I have built this test site for Joomla 4 and traditionally I use both Akeeba Backup and Admin tools extensions on all sites.  Normally I have no issues with either and have used both happily for many years.

With this new site, and in preparation for the transition of all my sites to Joomla4, I decided to apply more of the security features offered by Admin Tool in particular modifying the Administrator URL and/or adding the additional password for access to that part of the site.

Despite carefully following all instructions and (apparently?) completing each stage of the set-up, I am blocked out of my administrator access and have to completely remove the entire site and database tables effectively by re-installing a recent Akeeba Backup -  at which point all is reset**.  I have been careful to clear the browser cache and reload the site but no difference. I have attempted this now twice with exactly the same result.

( **AS this is right at the beginning of the setup the RESCUE option has not been evoked and the removal of the .htaccess & .htpasswd files made no difference.))

My question is there likely to be a propagation delay of some kind with is not recognising my additional login credentials or is something else going on?  The requirement for additional input is certainly immediate.

Edited by Nick_Q on 2023-01-24 03:53 CST

Tuesday, 24 January 2023 04:04 CST

nicholas

> I am blocked out of my administrator access and have to completely remove the entire site and database tables effectively by re-installing a recent Akeeba Backup

No, you absolutely don't. One of the suggestions in the email sent to you automatically when you apply the Setup Wizard will work.

The Setup Wizard will do AT MOST three things:

I don't think there's any delay since you described getting locked out right away. If there was a delay it would apply to getting locked out, not just fixing your problem.

The most likely problem here is the default PHP version of your host is much older than 8.0, possibly even older than 7.2.5, the minimum PHP version supported by Joomla 4 itself. When you create a .htaccess file it replaces your existing one. The AddHandler / SetHandler lines in your .htaccess put there by your host to tell the web server to use PHP 8 are therefore removed.

In this case you need to go back to your hosting control panel and choose the correct PHP version for your site (8.0). Immediately afterwards, edit your .htaccess file and look towards the end of the file. There's a block with an AddHandler or SetHandler line which was not there before. Copy it, and paste it into the “Custom .htaccess rules at the bottom of the file” area of the .htaccess Maker configuration, see https://www.akeeba.com/documentation/admin-tools-joomla/custom-htaccess-rules.html This way, the next time you regenerate the .htaccess file with Admin Tools it will also output the special lines which your host is using to tell the web server to use the desired PHP version on your site.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 24 January 2023 06:55 CST

Nick_Q

Hi Nicholas,

Thank you for your response... 

I have just reinstalled Admin tools version 7.2.1 Pro and only amended the admin URL within the initial set up.

I am currently faced with the following error messages on both the Front and Back of the Site:

 

This page isn’t working

bbs-joomla4.co.uk redirected you too many times.

ERR_TOO_MANY_REDIRECTS

 

I have checked that the version of PHP within the control panel is set to version 8 and cleared all cookies.   Also, it appears that the only .htaccess to contain an AddHandler or SetHandler statement is the one within the root directory the total content of which is as follows and appears to be correct?:

#+PHPVersion
#="php80"
AddHandler x-httpd-php80 .php
#-PHPVersion

  There is another file within the root directory namely .bash_profile   The content of that file is as follows:

#+PHPVersion
export PATH=/usr/php80/usr/bin/:$PATH
#-PHPVersion

There are two additional files. .htaccess and .htaccess.admintools within the administrator folder but neither contain either an AddHandler or SetHandler statement.   What have I missed?

Edited by Nick_Q on 2023-01-24 06:57 CST

Tuesday, 24 January 2023 09:42 CST

nicholas

To many redirects means that you have set up a $live_site in the configuration.php file (or in the Live Site box when restoring) which does not match the other settings you have set up in the .htaccess Maker. For example, if $live_site is set to http://www.example.com but you have set up a www to non-www redirection and HSTS the .htaccess is trying to redirect you to https://example.com instead. However, once you reach that URL then Joomla! is trying to redirect you back to http://www.example.com which causes the .htaccess to redirect you back to https://example.com… you get the idea.

To solve that, edit the configuration.php file and remove the $live_site contents, making the line look like this:

public $live_site = '';

> Also, it appears that the only .htaccess to contain an AddHandler or SetHandler statement is the one within the root directory the total content of which is as follows and appears to be correct?

Yep, that's correct, don't touch it! Your host is doing this right, by putting the .htaccess file with the AddHandler line one level above your site's root so it doesn't get overwritten when you modify your .htaccess file. As I said, this is good, don't touch it — and don't copy it into the .htaccess Maker settings, we don't need to do that in this particular use case.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 24 January 2023 10:11 CST

Nick_Q

Hi Nicholas,

That makes a lot of sense and I understand the concept but can confirm that the configuration.php in the public_html file already shows: 

public $live_site = '';


Tuesday, 24 January 2023 11:28 CST

Nick_Q

Hi Nicholas,

Further developments - we had a change of support staff at 20i and the new guy stated "I've just tried clearing the cache for this one for you including all CDN nodes" which seemed to sort out the issue - does that make any sense to you?

Apparently, 20i employs "Edge Caching" which caches under its own rules - which on a development site, is not useful!  Purging THAT cache seems (?) to have cleared the problem.

My apologies for not knowing this earlier...

 

Tuesday, 24 January 2023 11:49 CST

nicholas

>  does that make any sense to you?

Yes, and it does clear up a lot of the confusion in your past few support requests.

Your host is using its own caching / CDN in front of the site.

As a result, what you do is NOT immediately reflected on the site.

I would recommend reconsidering using a CDN, especially one which seems to be caching public pages with complete disregard to the HTTP headers Joomla sends asking proxies / CDN to NOT cache the generated pages.

I am also making a note that any further issues you report with this site are likely caused by the host's idiosyncratic implementation of a CDN rather than anything you do on the site itself.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 24 January 2023 11:49 CST

Nick_Q

However, as soon as I attempt to create a new .htaccess file using WAF I am back to 

This page isn’t working

bbs-joomla4.co.uk redirected you too many times.

 

and clearing the cache and CDN cache makes no impact...

Tuesday, 24 January 2023 12:26 CST

nicholas

It's the same thing in different words. Proof:

$ wget "https://bbs-joomla4.co.uk" -O /dev/null
--2023-01-24 20:07:17--  https://bbs-joomla4.co.uk/
Resolving bbs-joomla4.co.uk (bbs-joomla4.co.uk)... 185.151.30.176
Connecting to bbs-joomla4.co.uk (bbs-joomla4.co.uk)|185.151.30.176|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:18--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
--2023-01-24 20:07:19--  https://bbs-joomla4.co.uk/
Reusing existing connection to bbs-joomla4.co.uk:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://bbs-joomla4.co.uk/ [following]
20 redirections exceeded.

Enabling the HSTS feature redirects from HTTP to HTTPS. This requires the server to correctly report when the site is being used under HTTPS. If this is not reported correctly, or at all, you will get a perpetual redirection. Exactly what we see above.

Why does the server NOT report correctly if it's being accessed over HTTPS? I will venture a guess. It appears to me that they have a setup of CDN --> SSL terminator --> web server. In this case the SSL terminator accesses the web server over plain old HTTP as it handles the "S" part of HTTPS itself. In this case the web server MUST be set up so that the HTTPS environment variable is always set to on, otherwise the software running on the web server does not (can not!!) know it's running under HTTPS.

By the way, I am not speaking out of my ass here. I have a private server running Expose and Matrix Synapse as their own, HTTP-only servers with NginX in front of them acting as the SSL terminator (and, yes, I know that NginX is a “poor man's” SSL terminator, but I had my reasons). If I put a CDN in front of it, e.g. CloudFlare (because I am a cheap bastard when it comes to an internal server), I'd basically have your setup. Key difference here? I make sure that NginX sets the HTTP header X-Forwarded-Proto https which is caught by a special plugin I've written for the sites served over Expose to let them know they are being accessed over HTTPS. That is to say, I am fully aware of the non-standard environment and have taken it into account in the way I deploy these sites. It's no longer a stock, off-the-shelf CMS, it's halfway into a bespoke application.

A general purpose host cannot reasonably assume that its clients will have this kind of deep understanding. They are going to be using stock, off-the-shelf, mass distributed application such as Joomla, WordPress, Drupal, PrestaShop, or Magento which have to run on a multitude of environments and cannot make assumptions about the environment — they have to get signals which tells them what the heck is going on. This host's setup assumes that whoever uses it will know how this kind of setup works (even if they have never explicitly said that they use this kind of non-standard setup!), how the off-the-shelf software works under the hood, and how to make these two work with each other using bespoke code OR they expect their clients to only use this hosting service to deploy bespoke Laravel- or Symfony-based applications where you can bake assumptions into the application's tailored code. The former is unrealistic. The latter only makes sense if you want to spend dozens of thousands of Pounds every year to host a bespoke application meant to serve hundreds of concurrent visitors.

Is it too late to switch hosts? It doesn't sound like the host you have matches your expectations or the reality of the site you are developing. 

 

 

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 25 January 2023 03:00 CST

Nick_Q

Hi Nicholas, 

Yet again my thanks for our efforts on my behalf here.

Your comments, as ever,  make complete sense to me so I have forwarded the relevant concerns to support at 20i, to be fair, they have always seemed competent in the past but we will see what response I get.  I would expect to use this solution across c. 30 sites due for a migration to Joomla 4 in the near future so I need it resolved.

I will let you know how I get on!

Wednesday, 25 January 2023 05:43 CST

nicholas

I mean, if I get their setup right, it's a VERY good setup for large sites… just not the kind of setup you can work with an off-the-shelf CMS without a certain amount of knowledge and pain.

The last time I had seen a similar setup on a host it was optional and could be disabled. Maybe that's an option for your host, too.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 26 January 2023 07:22 CST

Nick_Q

Hi Nicholas,

Some further information...

We seem now to have a working site although the solution currently applied was to comment out some of the code within the admin tools generated .htaccess file - In particular, currently:

 

##### HTTP to HTTPS redirection ## Since you have enabled HSTS the first redirection rule will instruct the browser to visit the HTTPS version of your

## site. This prevents unsafe redirections through HTTP.

#RewriteCond %{HTTPS} !=on [OR]

#RewriteCond %{HTTP:X-Forwarded-Proto} =http

#RewriteRule .* https://bbs-joomla4.co.uk%{REQUEST_URI} [L,R=301]

 

The advice I am being given is:

These lines are within the public_html/.htaccess file. In this case, you'll want to replace the HTTPS check with the following: RewriteCond %{env:HTTPS} !on

(The above is copied directly)

I'm afraid my coding knowledge is not sufficient to judge the best way forward here. Undoubtedly I now appear to have a fully functioning site but am aware that with any update to Admin Tools, this change will be overwritten. 

Could I ask you please to advise on this change given the rather extensive and somewhat convoluted history here...

Thursday, 26 January 2023 08:20 CST

tampe125

Hello,

I'm taking this ticket since Nicholas is currently unavailable.

To fix your redirection loop, you have to disable HSTS inside the Htaccess Maker. Regenerate your .htaccess and try again, the issue should be gone.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 26 January 2023 09:21 CST

Nick_Q

Hi David,

Thank you for your response... 

a big thank you also to Nick - as usual you guys have kept me sane and I now have the solution I was looking for.

Change made to disable HSTS and confirmed the change in .htaccess as expected.

Thursday, 26 January 2023 10:29 CST

tampe125

You're welcome!

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!