Support

 I am using Aimy SiteMap generator with Akeeba tools.

I have setup secret admin and password protection. I get a URL crawl error from Aimy

crawl-init: Failed to parse head: status code not found (255)
Both errors may have a couple of reasons, which are out of scope of Aimy Sitemap's crawler. The following enumeration introduces the most frequent reasons that we know of so far and how to solve them (if possible):

If you use Akeeba Admin Tools (PRO) on your website, be sure to allow both your website's public IP address and 127.0.0.1 ("localhost") to access your website without restrictions by adding them to the whitelist of the included web application firewall:

"Configure WAF" → "Exceptions from blocking" → "Never block these IPs"

However I think the administration security is causing the problem. Is there a way to allow and exception for the sitemap generation? I get the error.

Please disable the plugin System - Admin Tools and try your site map again. If you don't get the error, the firewall is causing it for some reason. We don't want that plugin disabled for a long period of time, just for the test. That disables Admin Tools completely. It is easier to do it that way than to disable just the admin security.

Which admin security technique are you using? The above would not work for password protecting the admin folder.

I am using administrator secret URL parameter and password protect administrator.

I used both because I had two administrator login exceptions reported.

I am the only administrator.

Regards

I think I see the problem. I wondered why a site map was scanning the back end. It isn't.

When you use the password protect administrator function it sets up an Apache level password on /administrator. Any program that accesses something within the /administrator tree must provide the user ID and password or access is denied. I think if you disable this protection Aimy Sitemap will work.

It isn't actually trying to scan the back end, it is pulling a program or asset (jpg, png, css, etc.) from the back end. A public facing program should never do this. All of its assets should be in public facing folders. If I'm right, you should be getting a 403 error in your server error logs. The log will tell us exactly what file it is looking for.

There is no work around or exception to the password protect administrator, it is absolute. If that is causing the error, all we can do is turn it off. If Aimy is pulling an asset out of /administrator, then you need to contact the program author and request that he or she fix it.