Support

Admin Tools

#20096 Admin Tools and Joomla 3.3 ok?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Monday, 16 June 2014 18:00 CDT

Friday, 16 May 2014 09:39 CDT

user39895
 I have installed Joomla 3.3 two times now. Both end in the inability to log in. Honestly I have no idea what is causing this and can easily restore to 3.2.2, so it is not a huge deal. I would just like to eventually end up at Joomla 3.3.

Here is the message I end up with when trying to log in, after the 3.3 install:
Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.



Are you sure you want to continue sending this information?



Any thoughts on a possible setting I may have in admin tools that I need to change ahead of time? I have no idea if Admin Tools is causing this and I would have to guess that it is not. I am just looking for any thoughts you may have if this could involve the Admin Tools component.


Thank you!


Edit: Just so you know that I am following other possibilities and not blaming your awesome component.

http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=33715

:)
Edited by user39895 on 2014-05-16 09:42 CDT

Friday, 16 May 2014 09:49 CDT

nicholas
Admin Tools 3.0.0 runs just fine on Joomla! 3.3 as attested by our very own site (not to mention it was actually developed on Joomla! 3.3).

Regarding your issue, it has nothing to do with Admin Tools or Joomla!. It is most likely a problem in your configuration. Most likely you've set a $live_site URL with http:// in front of it (e.g. http://www.example.com) but have enabled SSL in the back-end of your site. This is a very, very bad idea. If you have SSL on your site please enable it in both the front-end and back-end and set your $live_site to the https:// URL (or, if it's blank, leave it that way). It makes no sense leaving your front-end without SSL. You went through the trouble of purchasing and installing an SSL certificate. Why not use it? The overhead you add to your server is LESS than 1% and just by using an SSL certificate you are making it much harder, if not virtually impossible, for a whole class of man-in-the-middle and cookie theft attacks to succeed.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 16 May 2014 09:56 CDT

user39895
Nicholas, you are the man. I hope you believe me that I do not think it is caused by Admin Tools. Your level of knowledge is always impressive.

In looking at my configuration.php, I have:
public $live_site = '';

My mistake is because of lack of knowledge, nothing more. You say to leave it blank, I will do that.

I just need to do some research as to how to turn it on on the backside of Joomla. For now, I need to restore to Joomla! 3.2.2, as I cannot even get on to the back side.

Do you have any recommendations as to where I can learn more about the mistake I have made?

Interesting that the install of 3.3 is the step that found it. I never get that message when I log in on 3.2.2.

Edit:
I want SSL turned on the proper way. Maybe I need to change the configuration.php...
Edited by user39895 on 2014-05-16 09:57 CDT

Friday, 16 May 2014 11:20 CDT

user39895
Nicholas, this had already been done:

Friday, 16 May 2014 11:26 CDT

nicholas
Have you tried clearing your Joomla! and browser cache? Also, if your site is behind a CDN or a transparent proxy or if your computer is behind a transparent proxy it will take several minutes to several hours to see the correct login form. Based on experience, clearing the Joomla! and browser cache is most often the only thing you need to do to get past this kind of issues.

Finally, if you are using third party login modules or, in some cases, third party user or user authentication plugins you may experience the same wrong behaviour in the login page. I recommend only leaving Joomla!'s own login module, user plugin and authentication plugin enabled to make sure that no third party code interferes with your login. I've seen this kind of crazy behaviour with some social login solutions, albeit the last time I had to deal with this crap was a little over a year ago.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 16 May 2014 11:56 CDT

user39895
Well, I just dumped the cache, installed Joomla 3.3 and checked the cash again it was still empty.

Grabbed another computer and still cannot log in. I my computer I am still logged in to the admin side. Is there anything I can look at to check if it is wrong?


.htaccess additions made by me:

##### HTTPS REWRITE BEGIN
RewriteEngine On
RewriteCond %{HTTPS} ON
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
##### HTTPS REWRITE END

Edited by user39895 on 2014-05-16 12:08 CDT

Saturday, 17 May 2014 03:11 CDT

nicholas
Your .htaccess rule doesn't make any sense.

The first line tells it to enable mod_rewrite but as you can see it is already enabled towards the very top of the page.

The next two rules tell it that whenever HTTPS is already enabled it should redirect all requests back to https:// which is completely pointless and will cause problems.

Remove your rules. Once you tell Joomla! to enable SSL in the entire site you do not need any .htaccess rules to enforce it.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 16 June 2014 18:00 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!