Support

Admin Tools

#9936 White list Ip but block own country

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Wednesday, 13 July 2011 04:01 CDT

Wednesday, 06 July 2011 04:06 CDT

eyecandy1
Mandatory information about my setup:



Have I read the related troubleshooter articles above before posting (which pages?)? Yes

Have I searched the forum before posting? yes

Have I read the documentation before posting (which pages?)? yes

Joomla! version: (unknown)

PHP version: 5

MySQL version: UNknown

Host: 247 Host

Admin Tools Professional version: Latest.





Description of my issue:



Hi,



The task I am trying to complete is to block a country. This country is my own country. I have installed admin tools pro and checked my own countries box. This of course locked me out. What I was hoping is that the administrator would still be allow access to the admin site. So the dilemma I have now is Trying to get back in. I have tried deleting admin tools components folders in the administrators/components...and also in /components.

But that returns this error:



Warning: require_once(/home/eyecandy/public_html/administrator/components/com_admintools/models/storage.php) [function.require-once]: failed to open stream: No such file or directory in /home/eyecandy/public_html/plugins/system/admintools/core.php on line 43



Fatal error: require_once() [function.require]: Failed opening required '/home/eyecandy/public_html/administrator/components/com_admintools/models/storage.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/eyecandy/public_html/plugins/system/admintools/core.php on line 43





[b]Im quite new to joomla.

1) is there a way to completely uninstall the component while having no access to the back end.

2) is it possible to white list my ip and still block my own country.?

I tried to find the blocked country in the database but couldn't find anything that seem to relate to geographic

Many Thanks,

Wednesday, 06 July 2011 04:12 CDT

nicholas
In order to log back in to your site, please take a look at the Web Application Firewall's documentation page.

After you log back in to your site, you have to fix the mess you caused by deleting Admin Tools' files :) Start by uninstalling Admin Tools through Extensions, Install/Uninstall, Components. Then, re-install it. If you get locked out again, follow the instructions above to regain access to your site and disable the Geo Blocking feature. In any case, after reinstalling Admin Tools you will have to go through all of the settings and reconfigure the component.

As a rule of thumb, never, EVER remove the files of a component. It will only break it and will hardly ever fix anything.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 06 July 2011 04:31 CDT

eyecandy1
Hi Nic,

Thanks for the speedy reply. I have followed the steps and renamed the file. I can visit the front end of the site fine. But the admin side returns this message:

Fatal error: Call to a member function getValue() on a non-object in /home/eyecandy/public_html/administrator/components/com_admintools/models/jupdate.php on line 30

Any ideas?

Wednesday, 06 July 2011 04:34 CDT

eyecandy1
Also...is it possible to blacklist my own country but white list my ip?

Wednesday, 06 July 2011 04:54 CDT

eyecandy1
Its ok I have just renamed the update file to get past the error. I have now uninstalled and reinstalled.....

Just before I try white listing my ip then the Black list of my own country is there anything else that I need to know. I cant find any documentation on this particular task?

Wednesday, 06 July 2011 05:34 CDT

nicholas
It is not possible to blacklist a country but not black-list your own IP. All restrictions are applied cumulatively, not selectively. The whitelist works by filtering (forbidding) access to the IPs not contained in the whitelist. After that, all other filtering is performed, including black-listed IPs and GeoBlocking.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 08 July 2011 01:23 CDT

eyecandy1
Thanks, I have managed to uninstall and the reinstall. The back seems fine and the front end was fine. I clicked on repair permissions and now the front end returns 500 error.
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

10 minutess later I cant access the front of backend. both returning the same message!!
Help!! I have used Admin tools core on a few other sites with no issues. Iam using pro on this one.

Any ideas?

Thanks

Friday, 08 July 2011 01:41 CDT

eyecandy1
ok, I have changed the joomla folder permissions to 755 (they were on 777) so I can now access the back, but still get the same error on the front end...

Friday, 08 July 2011 05:39 CDT

nicholas
Use FileZilla to change the permissions of all folders to 0755 and all files to 0644. After you get back to your site, please make sure that the default permissions in Admin Tools are set as 0755 for folders and 0644 for files (Components, Admin Tools, Custom Permissions) before using the Fix Permissions button again.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 08 July 2011 06:00 CDT

eyecandy1
I have checked all the folders and files and they are set to 755 for folders and 644 for the files. In admin tools I have set the default to this aswell. And then applied the changes using fix "fix permissions". It appears it could be something else. I tried rewrite .htaccess back to htaccess.txt but that didnt do anything. Now changed back to .htaccess. Is there something obvious I could be missing?

Friday, 08 July 2011 06:24 CDT

nicholas
It sounds as if one of your files or directories has wrong permissions (0775 or 0777) and your server has suPHP, triggering this issue. The fastest (and I really mean, fastest!) way around this is to contact your host and ask them to check the permissions and ownership of your site's files. They can fix them in 2 minutes flat, running a total of 3 commands as root. From our end we can't do much and it would take several hours.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 08 July 2011 19:53 CDT

eyecandy1
Thanks for the fast reply, really appreciate it!!
I have contacted 247 host to make those changes ...could be a few days before I hear from the tho. I have installed xtplorer and used this to change the permissions. I selected all folders and changed to 755 and to recuse into all folders. This changed all the folders and files to 755. The front end of this site is now visible....kind of...But It looks as if Gantry is not doing its job. all the template positions are listed one after each other down the page. I tried to used admin tools now to set the permissions as described previously but this returns the the same 500 error again. I think admin tools is making changes to a folder/file that it shouldn't be? maybe...?

Friday, 08 July 2011 19:59 CDT

eyecandy1
I have just tried setting the default permissions Folders AND files to 755. Applied the changes and it still returns the 500 error. Yet if I set them in Xtplorer the site kinda comes back...minus the template positions. Im Hopeful that may sheds some light on the situation.

Friday, 08 July 2011 20:11 CDT

earthrat
"I have contacted 247 host to make those changes ...could be a few days before I hear from the tho."

LOL... that is a TOTAL contradiction to their name if it is going to take a few days. I would be looking for a better host if I was you...;)

Just Sayin...

Saturday, 09 July 2011 05:29 CDT

nicholas
OK, the broken layout of the page seems to be linked with an insecure plugin shipped with RocketTheme templates and how it conflicts with Admin Tools Professional's .htaccess Maker. Please disable the RokGZipper plugin on your site. Also disable the CSS compression option in Gantry (your template's) configuration.

If you are wondering why these have anything to do with the problem... RocketTheme's RokGZipper and their Gantry CSS compression work by creating PHP files with arbitrary filenames to serve GZip compressed versions of the CSS files of your site. In order for them to work, your site must be able to allow direct access to PHP files of arbitrary (random!) filenames all over the place. This is a bad security practice, as it can be exploited by hackers to upload and run their own malicious scripts. ATPro's .htaccess Maker blocks such files when you use the front-end protection feature (on by default) and results in the layout being broken.

Instead, disable that plugin and that Gantry option and enable the .htaccess Maker's "Compress static resources". This option instructs your web server to serve all Javascript, CSS and a few other static files compressed to the browser. This is at least 50% faster than the PHP method, far more secure and greatly enhances the speed of your site.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Saturday, 09 July 2011 06:16 CDT

eyecandy1
Wow thats awesome!! the site is now back. But when I use admin tools to set the permissions it reverts back to the 500 error. I can fix it by changing all permissions back to 755. folders and files. But this leaves a security issue. What is the best way to secure the right permissions.
btw..
I have yet to do this part...

Instead, disable that plugin and that Gantry option and enable the .htaccess Maker's "Compress static resources"

all other sites I built are on a windows server and the permissions are already set. So this is kinda new to me. Setting all the files individually would take a heck of a long time.!! The feature in admin tools is one of the main reasons I installed it, so it would be great to utilize it.

Saturday, 09 July 2011 06:25 CDT

nicholas
Normally, 0755 permissions for folders and 0644 for files should be adequate. I am not sure why these don't work on your server. Maybe you can ask your host what are the preferred permissions on their server. Unfortunately, there are no "magic bullet" permissions which work on all hosts. I agree, though that 0755 for files is a bit too wide, but it may be necessary for PHP files on your host (some servers deny access to PHP files unless they have the "execute" bit set in their permissions).

Moreover, you may have to enable Joomla!'s FTP settings in Global Configuration. On most shared hosts it is of paramount importance to do so, otherwise Joomla! (and, by extent, Admin Tools' Fix Permissions feature) can not work properly.

For a good introduction on user, groups, ownership and permissions on Linux, Solaris and other UNIX-based Operating Systems commonly used on web servers I strongly recommend reading the Security Information chapter of Akeeba Backup User's Guide. It is a long read (make sure you follow all the Next links!) and you might have to read it a couple of times before the information there "sinks in". When you're done reading it you'll have a much better grasp of how these things work and allow you to better understand what permissions you need apply to your sites.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 13 July 2011 03:04 CDT

eyecandy1
Thats Great. Thanks for all your help. Much appreciated.

Wednesday, 13 July 2011 04:01 CDT

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!