Support

 Hello,

I found there are lots of setting, in the Admin tools, do you have cheat sheet that we can use to setup it probably, because now what I did I just install it and I created the following:
.htacess
and I put admin folder password.

As I assumed it works fine out of the box once we install the component, please help
by the way the user-guide is very long to keep up with it, so I hope you can have a video tutorial or a cheat sheet for dummies like me lol.

Thanks,

There is really no "one size fits all" solution when it comes to website security.

You may find Brian Teeman's video series helpful: https://www.akeebabackup.com/videos/63-video-tutorials/1550-admin-tools-video-course-with-brian-teeman.html.

Great thank you :)
The lessons were great thanks to Brian Teeman

You're welcome!

I have activated the IP blocking of repeat offenders
and I got this message today:
We would like to notify you that the IP address 68.144.38.176 is now blocked from accessing your site, until 4753-06-04 19:34:06 GMT.

When I checked the log in the backend, it shows the reason is: tmpl.

I'm not sure is there is any threat in this? also do you have a list of the reasons and description of that.

please see attached.

Thanks,

The list of reasons is at https://www.akeebabackup.com/documentation/admin-tools/waf-log.html#waf-log-reasons.

Most of these attacks are carried out by automated script files. You'll see some of them trying to execute the JCE editor for example. It is trying to exploit a vulnerability in JCE from back in the Joomla! 1.5 days. If you're running Joomla! 1.5 and the vulnerable version of JCE, yes it is dangerous. But most of us don't have to worry about that any more.

Most of the tmpl "attacks" are along the same lines. Once upon a time there was a template vulnerability that the script is trying to find and exploit. Note that there are a couple of tmpl settings used by your site that need to be excluded from WAF. They are in the documentation for that setting.

I'm using this templete:
http://demo.rockettheme.com/live/joomla/hexeris/

and Joomla 3.4.3 with the latest JCE

Do you think there is an issue with the Rockecktheme ?

Thanks,

It really isn't possible for us to keep track of all of the third party software and templates out there and which ones have problems and which versions the problems were fixed in.

You have Admin Tools on the job, that's a good first step. The next step is to keep your Joomla! and extensions up to date so you have the latest fixes for all of the known problems.

Keep in mind that Admin Tools and your security settings are not intended to stop hackers from trying to attack your site, they are intended to keep them from succeeding. You will always see traces in the Security Exceptions Log and the various ban lists. All of this means that you have successfully blocked their attempts.