Support

Admin Tools

#18614 WAF Autoban Message not showing

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Friday, 07 February 2014 18:00 CST

Monday, 23 December 2013 13:00 CST

user45038
Hello,

When the auto-ban kicks in for a repeat offender within the WAF, is the component supposed to show the message "You are a spammer, hacker or an otherwise bad person" on a 403 error page to the user?

At present, in my environment no message shows and it goes to the 500 internal server error page.

Any ideas why the message wouldn't show. Pretty standard installation of Joomla and admin tools in a WHM environment - LAMP.

Thanks

Dan

Thursday, 26 December 2013 13:02 CST

nicholas
Admin Tools, in the case you described, does use Joomla!'s error handling methods to display the message you described, also telling it to use code 403. Joomla! will then try to use your template to display that error page. We are aware that some very badly written templates (like those from YooTheme) have bugs in their error pages and end up throwing a PHP error which manifests itself as 500 Internal Server Error pages or white pages.

I would recommend asking your template provider for a solution. If you are using a YooTheme template don't bother, they have already been told about the problem existing in pretty much all of their templates by numerous clients but simply don't do anything. In any other case the template provider should be able to help you.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 07 January 2014 12:15 CST

user45038
Strange, I have set the Beez template as default and the 500 Server Error still shows.

Happens on all Joomla websites I have installed on that WHM server (around 20). Hosting company weren't much help saying it was either permissions (too generous) or issues with the htaccess file.

The cPanel error log shows a few generic errors such as

File does not exist: /home/accountname/public_html/403.shtml
File does not exist: /home/accountname/public_html/404.shtml
File does not exist: /home/accountname/public_html/500.shtml

When I do create those files the server still stalls and then doesn't overwrite the file newly created error file with the admin tools message.

The Joomla error file is getting triggered by other errors such as 404's so no major problem there.

Also, no PHP errors in the directory

Any other ideas?

Thanks for your help!
Edited by user45038 on 2014-01-07 12:16 CST

Tuesday, 07 January 2014 14:30 CST

nicholas
Have you tried it on a site which doesn't have third party plugins which may try to intercept the error page and in the process create a fatal PHP error? I am asking because on all of our sites and on the vast majority of our clients' sites it all works just fine, I.e. When no badly written third party code which interferes with core Joomla! Features is present.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 08 January 2014 04:12 CST

user45038
Thanks for the fast responses Nicholas - Top class support!

I just setup a new cpanel account; installed a fresh 2.5.17 Joomla and AdminTools 2.4.4 (as running PHP 5.2.17)

Again same result - normal 404 error page works; however 500 error when tripping security.

I can PM you the details if you like? Assume it's an environment issue; as you said it works fine on other servers.

Thanks

Wednesday, 08 January 2014 04:42 CST

nicholas
Oh, I just saw that you have an obsolete version of PHP and a very old version of Admin Tools. I know for a fact that the current version of Admin Tools (2.6.0) on PHP 5.3 and 5.4 does work correctly. It is possible that you have run into an old bug that has since been fixed. Unfortunately we can't offer support for these old versions of Admin Tools.

I strongly recommend that you upgrade your site to PHP 5.3 or 5.4. PHP 5.2 is end of life since 11th January 2011, that's exactly three years next Saturday. It is ripe with known security issues which cannot be worked around by PHP-level security software like Admin Tools, compromising the security of your site. Moreover it's up to 7 times slower than PHP 5.4. Remember, since almost two years ago a faster site ranks better in search engine results. For these reasons alone I advise you to upgrade PHP to version 5.3 or, even better, 5.4. Then you can use the current version of Admin Tools which doesn't have the reported issue.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 08 January 2014 05:19 CST

user45038
Fair point - will look to upgrade over the coming month.

Thanks for your help!

Wednesday, 08 January 2014 08:53 CST

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 07 February 2014 18:00 CST

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
Edited by on 2014-02-07 18:00 CST

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!