Support

Hi! We have created a backup of a Joomla 4 website and restored it on a different domain (same server) using klickstart. But when we try to open the site we get a '400 BAD REQUEST' error.

I have renamed the htacces file (.bak) but that did not help. I did notice a different error before the BAD REQUEST ERRORS, something like'to many redirects...'? Not sure.

I am not sure how to debug this. Is this a server error or a software error?

I also wanted to try to disable admin tools but I am not sue what file to rename to disable it (rename main;php). This is a different file on Joomla 4? How can I disable Admin Tools on Joomla 4 (renaming what file)?

Hope you can help me figure this out.

Kind regards,
Jip

 

 

 

In addition: We get the error on the frontend and also on the backend.

I figured out we need to rename plugins/system/admintools/services/provider.php to disable  Admin Tools. After this we could see the site and also log in to the backend. I will no try to figure out what needs to change in the Admin Tools settings to get it working properly. I will keep you posted...

Mmmm, I can;t seem to figure out why I keep getting the error 'Bad Request' when I enable AdminTools again by renaming provider.php.bak to provider.php. I have create a new htaccess file using AdminTools that works fine with provider.php disabled so that leads me to believe it's the WAF. But I don't see any log items in AdminTools that can help. 

We use the same settings (it's s a copy...) on the original site on the same server. I don't think there are any specific domain related setting sin the WAF?

Can you help me out?

Ah, there we go ;-) There is a setting in the WAF that is domain related.

Configure WAF -> Request filtering -> Allowed domains

The source domain name was filled in here. After changing this to the new domain name the issue was resolved.

I think we only started using this setting on Joomla 4 and not 3. We have had no need to change this when restoring Joomla 3 sites to another domain. Maybe we should start using this in J3 as well.

Anyway, we can move on now.

I do have a question about this: Is there a way to change this value (Configure WAF -> Request filtering -> Allowed domains) when we restore a website to a different domain? This is not an issue when a backup is restore to the same domain, but we use the restore (also / mainly) to kickstart new sites on different domains. When we do this and we have an allowed domain set in the WAF we will immediately have the Bad Request before after restoring,. We then need to disable Admin Tools (rename file) change the setting and restore the filename. It would be helpful to have kickstart change this setting to a new domain when restoring the site? Just a thought....

Hi Nicholas! Thanks for getting back to me on this. Sorry about spamming my own ticket ;-)

Is there a way for me to test if our server is 'misconfigured' in the sense that we should add a  domain name in the WAF? If this is not the case we could just leave it empty. But then again, adding it to be just sure just is case is also a way to go...

Thanks for you other detailed feedback and also for your great software and support.

Kind regards,
Jip

I am familiar with the host file on my windows pc. I have used it before. When we add our server IP and 'foobar.web' and then browse to http://foobar.web/ we get 'Apache is functioning normally'. We are on a server that has multiple sites (Direct Admin). So the server/IP on its own does not 'know' what site to show. And then this default page is shown.

So does that mean our server is not vulnarable for this specific WAF feature?

 

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.