Support

Admin Tools

#9964 403 when trying to set JCE as superadmin editor

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 22 July 2011 02:33 CDT

Wednesday, 20 July 2011 19:48 CDT

TurnTex
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? yes
Have I searched the forum before posting? yes
Have I read the documentation before posting (which pages?)? No
Joomla! version: (unknown)1.5.23
PHP version: (unknown)
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: (unknown)current


Description of my issue:
Nicholas, I am sorry if this has been asked before. I searched and could not find an answer and I swear I have seen something about this but can not seem to find it. Sorry for the new thread.

I followed your advice and created a new superadmin id using Admintools. My old superadmin account had JCE as my default editor and the site has JCE as the default editor. However, my new superadmin account has no editor selected. I tried setting JCE but when I do, I get a 403 erros. I used google chrome based on your exceptions directions and all I see is
index.phpPOST http://www.turntex.com/administrator/index.php 403 (Access Denied!)

Do I need to add an exception and if so, what file do I need to add? If not, can you give any further insight in to what I need to change to make this work? I am using JCE Editor 1.5.76.

Thanks in advance for any help you can give.

Thursday, 21 July 2011 01:43 CDT

nicholas
Hi!

It's actually very easy and mentioned in our troubleshooter :) Go to Components, Admin Tools, Web Application Firewall, Configure WAF and turn off the "Disable editing of back-end user properties". Save and retry editing your Super Administrator. That's it :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 21 July 2011 01:49 CDT

TurnTex
Thanks, Nicholas! I knew I had seen it somewhere, I just could not, for the life of me, find the answer! Sorry to bother you with this!

Thursday, 21 July 2011 02:14 CDT

nicholas
No worries! We're here to help :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 22 July 2011 02:29 CDT

TurnTex
Nicholas,

I bet you are wishing I had never purchased the pro version of AdminTools, aren't you! Sorry to have so many questions and be such a pest! I made the changes you suggested and they took just fine. My superadmin account is showing JCE as my default editor but when I go to edit anything, I have no editor and do not have the show/hide option. I used the console in firebug and it showed the following:

You do not have permission for this request /plugins/editors/jce/tiny_mce/tiny_mce_gzip.php?js=true&

I suppose I need to add an exception for /plugins/editors/jce/tiny_mce/tiny_mce_gzip.php ?

Thanks man!

Friday, 22 July 2011 02:33 CDT

nicholas
LoL! No, many questions show that you are serious about setting up a secure site. I have no problem with that. That's why there's the support forum :)

Regarding your question, yes, you can add an exception for plugins/editors/jce/tiny_mce/tiny_mce_gzip.php (note: no leading slash). Alternatively, you can turn off the compression option in JCE. Please note that, according to JCE's author, the script which does the compression (tiny_mce_gzip.php) has proven many times to be very insecure. IMHO, you are better off turning off JCE's compression feature and simply use the "Compress static resources" option in .htaccess Maker for the same result in a much more performant and secure fashion.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!