Support

Admin Tools

#41442 What is the difference between " Site IP Allow List" and "Exeptions" in "Configure WAF"?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
5.2.2
PHP version
8.2.25
Admin Tools version
7.6.2

Latest post by WoodyF4u on Friday, 20 December 2024 09:24 CST

Thursday, 19 December 2024 09:03 CST

WoodyF4u

What is the difference between "" Site IP Allow List" and "Exeptions" in "Configure WAF"?

In both places I can enter an IP address or range.
But what is the functional difference between the two?

Best regards, Wouter (WoodyF4u)

Thursday, 19 December 2024 09:51 CST

nicholas

Site IP Allow = whitelist. Only these trusted IPs can access the backend of the site. Moreover, they also act as if they are in the exceptions list. Only use this feature of you want to prevent access to your site's backend from anywhere except a small range of static IP addresses.

Exceptions = malicious requests coming from these IP addresses are blocked BUT they are neither logged, nor will you get emailed about them. Use that for the IP addresses of search engine bots and other automations which will be accessing your site, possibly cause false positives, but you really don't want them to get automatically blocked temporarily or permanently as it would cause problems for your site.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 20 December 2024 09:24 CST

WoodyF4u

Thanks for the answer.
Then I had misunderstood the barrier.
I increasingly experience that I am blocked as a Super Administrator in the backend. I then get the page stating that I am a spammer, hacker or bad person.
I was hoping to be able to set it somewhere so that I wouldn't be flocked if I worked from IP addresses that I trusted.
But I do want the freedom to also log in to the backend from other addresses.
Can I enter some IP addresses somewhere that I trust and that are not blocked by AdminTools?

Best regards, Wouter (WoodyF4u)

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!