Support

Admin Tools

#18679 Full site whitelist

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 07 January 2014 01:47 CST

Friday, 03 January 2014 09:07 CST

directive
This is more of a question than an actual issue. We've been having problems with some foreign countries creating comment spam and other such malicious activity on some of our sites. I want to implement Admintools' geoip features, but some of our clients employ overseas help for various facets of their business. I thought we could just block the countries anyway and add their IP to a whitelist, but it seems the whitelist only works for administrator access.

Is there a way we can block foreign countries, but allow certain IPs to access all parts of the site? We basically just want to be able to specify IPs for the geolocator to ignore completely.

Friday, 03 January 2014 09:43 CST

tampe125
Hello Chris,

if you put an IP inside WAF whitelist, Admin Tools won't perform any check, so you should be able to login even if you're blocking everyone.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 03 January 2014 13:30 CST

directive
No, I tested this with my IP. I added my IP to the whitelist and enabled the whitelist in the WAF settings. I then told geoip to block the US. I was then unable to access anything on the website despite my IP being in the whitelist.

Monday, 06 January 2014 13:31 CST

nicholas
GeoIP blocking has precedence over any other security checks. In simple terms: if you block a country or continent there is no way to issue an exception.

For what it's worth, GeoIP blocking is NOT a security feature and should not be treated as such. It can be trivially circumvented. Just search Google for "free proxy server" and choose one from a country Admin Tools is set up to allow. Yup, it's that easy to circumvent. So why is this feature in Admin Tools? Because people threaten to come after me with torches and pitchforks every time I say I want to remove it. I just gave up and let it stay in Admin Tools.

Nicholas K. Dionysopoulos

Lead Developer and Director

๐Ÿ‡ฌ๐Ÿ‡ทGreek: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: excellent ๐Ÿ‡ซ๐Ÿ‡ทFrench: basic โ€ข ๐Ÿ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 06 January 2014 15:55 CST

directive
Fair enough. Thanks for the info!

Tuesday, 07 January 2014 01:47 CST

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

๐Ÿ‡ฌ๐Ÿ‡ทGreek: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: excellent ๐Ÿ‡ซ๐Ÿ‡ทFrench: basic โ€ข ๐Ÿ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!