Support

After updating to 3.6.2 i noticed the new "Quick Setup Assistent" so i checked it out. I noticed it had filled in a secret url paramater automatically. Now according to the documentation listed above, point 1, the admin url should not be accessible without that ?<secret>

yet i can visit site.tld/administrator (note: no ?<secret) just fine. I even double and triple checked this with logging out and logging in. /administrator visible like always. So i logged back in and went back to the quick setup. I noticed the secret had CHANGED!

So to be sure i wasn't going crazy i closed it. Went to <site>administrator/index.php?option=com_admintools&view=quickstart and took a note of the secret parameter: it stated "i9OND0Tj". I pressed F5 to refresh, the secret had changed to "mxaVREh6"

Enable IP workarround also seems to reset itself to yes after i changed it to NO as per recommendation by the wizard (afaik i hadn't even enabled it in 3.6.1 because i know it's not).

I'm guessing the setup assistent isn't working the way it should be

But the tooltip nor string (nor tooltip) indicate its a RANDOM generated one. I understand a hardcoded one would be hackable. I just figured that once it generated one and you pressed save, it would be remembered for next time. can this parameter be configured / changed somewhere without the quick setup? or was this intentionally changed from the previous version (i believe upto 3.6.1 you could set and save it on one of the subtabs)

My IP was apparantly whitelisted, i'll remove that because it's "semi-static". Forgot i even had done that.

So if i just want to be able to access the /administrator url without a secret parameter, i just do it the "normal" way? configuring straight from the sub-tabs? Do i understand you correctly?

Understood, thanks.

case closed :)