Support

Admin Tools

#41362 Panopticon installed in sub-domain can't connect to Joomla (head)domain?!

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
Joomla! 5.2.1 Stable
PHP version
8.3.13
Admin Tools version
7.6.2

Latest post by NicoFaaij on Wednesday, 20 November 2024 16:14 CST

Wednesday, 20 November 2024 07:42 CST

NicoFaaij

Hi,

I installed Panopticon in a subdomain (https://k.stophersentumoren.nl/) of my main domain (https://stophersentumoren.nl/). I added a few websites to Panopticon successfully. However when adding the main domain I get the connection error bellow. So it looks like Panopticon doesn't like to connect from a sub-domain Panopticon installation to the Joomla website in the main domain.

-------------------------------

Error message:

Troubleshooting Information

Uh oh. Something is totally broken here…

Normally we can detect the nature of the connection error and provide some useful troubleshooting information here, or at least point you to some kind of useful, third party troubleshooting resource. When this is not the case, we can at least print out an error message which will help us help you troubleshoot it.

Instead, we got an error which we should be able to provide troubleshooting information for (Akeeba\Panopticon\Exception\SiteConnection\WebServicesInstallerNotEnabled), but we don't have the code for it. This should have not happened.

Please delete all files and folders inside the tmp folder of Akeeba Panopticon. This addresses the problem of this page's cached copy being severely out of date. If this doesn't help, please let us know.

Before you attempt to submit an issue about this connection issue please go to Administration, System Configuration, System and enable Debug System. Then come back here and retry the same connection. You will receive detailed troubleshooting information which you need to include in your issue.

------------------------------

Is there a way to fix this? Or does Panopticon need his own domain, without Joomla a instance in that main-domain? If so than I am afraid that I have to choose another domain and do my Panopticon installation and configuration completly over on that domain, or can I just copy the directory to another domain? For us it would be nice if the monitoringtool Panopticon could run from a subdomain of our main website as that sounds logical to us.

With kind regards and thanks in advance, Nico

Wednesday, 20 November 2024 07:52 CST

NicoFaaij

I put him in debug.

On top I see: Warning: Undefined variable $isWordpress in /home/xxx/sub.mydomain.com/tmp/compiled_templates/3/3/330ead0c99e89b0467ea672250bd1c9a5a1d7b4e.php on line 214

and then I get an debug error like:

404 
                        <!DOCTYPE html>
<html lang="nl-NL" dir="ltr">
        
<head>
......source code page.......
HTTP HEADERS 	

Date
    Wed, 20 Nov 2024 13:46:54 GMT 
Server
    Apache 
Cache-Control

        no-store, no-cache, no-transform
        no-transform

Expires
    Wed, 17 Aug 2005 00:00:00 GMT 
X-4seo-generator
    4SEO 
Set-Cookie
    b6e436268dc90e43ade6e35ae6bcb81f=c5062cdsfg591ef86f9664f4cffa45b2; path=/; secure; HttpOnly 
Strict-Transport-Security
    max-age=63072000; includeSubDomains 
X-Frame-Options
    SAMEORIGIN, SAMEORIGIN 
X-Content-Type-Options

        nosniff
        nosniff

Referrer-Policy
    unsafe-url 
Upgrade
    h2,h2c 
Connection
    Upgrade 
X-XSS-Protection
    1; mode=block 
Transfer-Encoding
    chunked 
Content-Type
    text/html; charset=utf-8
Edited by NicoFaaij on 2024-11-20 08:05 CST

Wednesday, 20 November 2024 08:28 CST

nicholas

You cannot access Joomla's API application (https://stophersentumoren.nl/api/). You get an error. There's your problem.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 20 November 2024 08:54 CST

NicoFaaij

Hi Nicholas,

Ahhh, that makes sence! Why did't I figure that out myself ;-)))

This brings me to a security question. Why did you build a Panopticon component for the only time you need the "Endpoint URL" and "API Token"? It is really in your face for every backend user. Shouldn't it stay a bit hidden in the Users - Joomla Api Token settings? Of course you should only give backend access to trustfull people but publishing these access keys in a own component so right in their faces when you only need it once?

BTW I really like Panopticon, thanks!

With kind regards,

Wednesday, 20 November 2024 10:13 CST

nicholas

The component is actually necessary because of the architecture of Joomla's API application. I recommend reading the API Application section of my book on Joomla! 4 & 5 extensions development.

We need to add additional services to the Joomla! API application to collect Joomla! update information, extension update information (including the Download Key), PHP version information, server information, install updates etc. These services are either not provided by Joomla! itself at all, or are provided in a way that's too limited to be useful for site monitoring.

To extend the Joomla API application you need two things: a plugin in the webservices folder which defines the API endpoint routes, and an API component to handle the endpoints. You cannot have "just" a plugin; it's just not how Joomla! works, and for good reason. I'll get back to that.

However, all Joomla! components MUST have a backend part, and MUST be added to the Components menu. This is hardcoded into Joomla itself. Since we have to have a backend part, instead of putting up a confusing blank page for it I took the liberty of showing the API application's URL and your API application token – information you can obviously find elsewhere in Joomla!.

That is to say, the component was of course not created to show you these redundant pieces of information you could find elsewhere in Joomla!, that would be stupid and I'd like to think that after 18 years of being around I've proven that I am anything but stupid. These redundant pieces of information are shown as a blank page filler in the otherwise meaningless backend part Joomla! requires to have for the component it requires us to build and install (for good reason!) so that the webservices plugin actually does something useful.

But why not just have the webservices plugins handle simple tasks directly? This is something I had discussed with the developer who wrote the API application implementation, many years ago (2018-ish?). Here's the very condensed and not terribly nuanced summary. Most API services are added as part of an existing component. Having the webservices plugin duplicate the code would be contrary to the DRY (Don't Repeat Yourself) principle I had been preaching myself during the initial Joomla! 4 Working Group meetings back in 2015. If you allow components to handle API routes you need to make that mandatory for all API routes for consistency. Having consistency makes the code less error-prone, and troubleshooting much easier. So, yes, having a component provide the actual handling of API routes actually does make sense. It's just annoying when all you need to do is handle API routes.

Side note. WordPress is following the exact opposite approach. Instead of specializing its extension types, it only has one: plugin. A plugin is responsible for registering admin menu entries, handling backend requests for its interface, handle options rendering / storage / retrieval, handle frontend behind-the-scenes stuff (like Joomla! plugins), handle backend and frontend display tasks (like Joomla! modules or components), update provisioning, post-installation tasks, post-update tasks, pre-deactivation tasks, post-uninstallation tasks, scheduled tasks schedule definitions, scheduled tasks definitions, define API routes, handle API routes, define CLI commands, and handle CLI commands among many, many, many other things. This makes the initialisation code of a plugin using more than a small handful of these features or, worse, all of these features –such as Akeeba Backup for WordPress– the stuff of nightmares. It's extremely error-prone and infuriatingly hard to troubleshoot. I think that Joomla follows the right path of extension specialization and having a sane amount of code in each extension type, even if there are some edge cases where this is slightly annoying – like having a backend Components menu entry for a component that really only ever handles API routes.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 20 November 2024 16:14 CST

NicoFaaij

Hi Nicholas,

Thank you very much for all this extra information and the tip to read your book for even more insights. Today I started with your Panopticon and added all my websites to it.  Panopticon is really powerfull!!! Thank you for all your incredable good work! It makes my live much easier ;-)

With kind regards, Nico

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!