Support

Admin Tools

#23771 Disable or prevent login from frontend

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Friday, 25 December 2015 17:20 CST

Wednesday, 25 November 2015 08:05 CST

pinguinone
 Goodmorning,
I receive a lot of admin tools exception like this:

Hello,



We would like to notify you that a security exception was detected on your site, site name, with the following details:



IP Address: 91.236.74.165 (IP Lookup: IP Lookup)

Reason: Fallimento Login (Username: user -- Password: pwd)



If this kind of security exception repeats itself, please log in to your site's back-end and add this IP address to your Admin Tools's Web Application Firewall feature in order to completely block the misbehaving user.



Best regards,


I already protected the backend login with a secure url-password and it's not a function for the site to permit frontend access to the site. I suppose that the attacker try to login from index.php?option=com_users&view=login
So it' possible to permantely disable this page from display?

Thanks for the support

Wednesday, 25 November 2015 08:27 CST

tampe125
Buongiorno Gianluca,

non è possibile disabilitare completamente il login da frontend.
Quello che può fare è creare una regola direttamente nel file .htaccess e bloccare la visualizzazione della pagina.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 25 November 2015 08:33 CST

pinguinone
Ciao Davide,
(scusami se sono poco formale ma dopo che ci siamo conosciuti in J!L) siccome uso il vostro .HTACCESS maker mi sai dire cosa aggiungere per bloccare questa visualizzazione?

Grazie

Wednesday, 25 November 2015 09:11 CST

tampe125
Ehi ciao!

Prova ad aggiungere questa regola nel campo Custom rules at the bottom of the file:
RewriteCond %{QUERY_STRING} (^|&)option=com_users(&|$)
RewriteRule ^(.*) - [F]

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 25 November 2015 09:17 CST

pinguinone
Ciao Davide,
funziona non bene...meglio. Perfetto così, grazie mille

Wednesday, 25 November 2015 09:21 CST

tampe125
Di niente!

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 25 December 2015 17:20 CST

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
Edited by on 2015-12-25 17:20 CST

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!