Support

Admin Tools

#39217 How to read the Blocked Requests

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
3.10.alpha
PHP version
7.4
Admin Tools version
6.1.10

Latest post by [email protected] on Monday, 17 July 2023 02:26 CDT

[email protected]

Is there any documentation on how to read the blocked requests information?
There's a lot of red. That feels important, but I have no idea on what this is telling me or what to do next.

 

 

blocked-requests-graph.png

nicholas
Akeeba Staff
Manager

There is really nothing special about these graphs.

The first graph shows you how many requests were blocked by Admin Tools each day. A sudden spike means that some idiot took an interest in your site, probing it for vulnerabilities. You have no control over this.

The second graph shows what kind of attacks are being blocked. For example, if I see that Admin Query is overrepresented in that graph I know that said idiot is running a bot which is trying to feed random usernames and passwords to the administrator login in hope that they will get a login. However, since it's being handed its butt by Admin Tools there's not a cat's chance in the underworld of this succeeding. In this case I would enable the administrator password protection so the idiot's bot doesn't waste too many server resources (Admin Directory Password Protection happens at the web server level, therefore it does not have to run PHP, Joomla, and Admin Tools before being blocked).

Conversely, if I see a lot of SessionShield attacks I know that some script kiddie found out about a vulnerability Joomla had 8 years ago and idiotically thinks it still stands a chance (it doesn't, but we get to catch these stupid attempts and block these kids' IP addresses so they don't bother you with anything else).

These graphs are not really important. It's more to satisfy the curiosity of people like me, and to give a visual indication that yeah, Admin Tools does something to protect your site, here's how many times a day it does, and what it protected you from.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

[email protected]

Well, thank you Nicholas. I'll follow your advice and set up admin password protection.
Your help is always appreciated.
You can close this ticket now

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!