Support

Admin Tools

#17715 Edit K2 articles front-end

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Wednesday, 02 October 2013 09:10 CDT

Tuesday, 01 October 2013 04:26 CDT

user79065
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 2.5.14
PHP version: 5.3
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: last

Description of my issue:

I state that I have already read about this problem: https://www.akeebabackup.com/support/admin-tools-core/9632-password-protect-admin-blocks-users-from-adding-k2-article-in-fromt-end.html

Really is there no solutions?
An alternative would be to put between the allowed, files that are used by k2 in the front end or not?
Or to disable protection from backend and front end but would be a contradiction.

Tuesday, 01 October 2013 05:44 CDT

nicholas
There is really no solution other than NOT enabling the "Administrator password protection" feature in Admin Tools.

IMPORTANT: This feature is irrelevant to the .htaccess Maker.

The problem is that the K2 authors are ignoring Joomla! best practices and do things in an insecure way. I've grown tired of telling them about this issues over and over again. They are not interested in changing their code to be secure, I am not interested in wasting my time trying to convince them to improve their product. If you have breath to waste try convincing Fotis that he needs to change his code. I am pretty sure that you'll soon become an ex-user of K2.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 01 October 2013 06:54 CDT

user79065
Indeed many of the functions of k2 should be rewritten because they do not work as they should, not only the safety needs to be improved!

So, if i disable Administrator password protection, what can i do to protect administrator panel??

Tuesday, 01 October 2013 08:22 CDT

nicholas
> Indeed many of the functions of k2 should be rewritten because they do not work as they should, not only the safety needs to be improved!

Yeah, most of my comments to Fotis was on that vein. It was a total waste of breath. I gave up with them.

> So, if i disable Administrator password protection, what can i do to protect administrator panel??

You can use the secret URL parameter, of course – that's in the Configure WAF page, towards the top. Hint: read the Quick Setup chapter of our documentation.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 02 October 2013 05:36 CDT

user79065
Perfect but i want to know, is better or worse this method instead Administrator password protection?

P.s. is it possible to contact Fotis?
Edited by user79065 on 2013-10-02 05:37 CDT

Wednesday, 02 October 2013 07:04 CDT

nicholas
It's neither better not worse, it's a different method. The effective result (people who don't know something "special" can't even see the back-end login page) is the same in both cases.

Regarding contacting Fotis, I happened to be able to contact him because we live in the same country and I had his phone number. For the rest of the world it will be extremely difficult to find him on the forums, he may take ages to reply (if he does) and I'm not sure you're going to like his replies.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 02 October 2013 08:03 CDT

user79065
Nicholas, really, thank you so much for your support! However, akeeba backup and admin tools, really good extension!!
If you want, we keep in touch on fb if you have it, so maybe we can talk about k2 and update me about Fotis always if you really want to do it! :)

Regards!

Wednesday, 02 October 2013 09:10 CDT

nicholas
Cheers :)

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!