Support

 Hello,

I was locked out of the admin area and couldn't get in after activating Admin Tools. I have installed the Admin Tools and created the secret URL and password protect the Admin then after saving the Admin Tools wizard I was locked out. I'm getting 404 page not found.

It was my mistake I have activated the Admin Tools without pointing the domain name I don't know what went into my mind to do that. The site is under development.

I have read many of the troubleshooting guide here at your website and also the post in the forum and I found the solution. I have disabled the main.php by renaming it. I have disable the .htaccess and the htpasswd by renaming both. Thanks to the extensive documentation now I'm able to log in.

I just need an advice. Since the website isn't ready yet and it is under development I can't point the domain name yet the owner of the site will it and it isn't ready. So what I'm using is just the IP address of the website to work on it. How long can I keep the main.php disabled and the .htaccess and .htpasswd disabled? I don't think hacker can see the website now because it is just an IP address and an account name in the server. Will I create any error or will I damage the Admin Tools if it is disabled for a long time. May be it will take one more week before the site can be ready. Any suggestion or any idea.

Please help

Kind Regards,

Don

Don,

There is no time limit for keeping Admin Tools disabled, you simply do not have the protections in place.

Some servers do not support password protecting a single folder. You have already disabled that by renaming .htaccess and .htpasswd in /administrator. Let's rename main.php back to main.php and see if you can get in with just that part active. It is almost certainly one or the other of these that is causing the problem, not both.

Hello,

You are right! Not both of them are causing the problem atleast I will get some protection if I enabled one.

I think I have to enable the main.php.

Thanks for the wonderful support and advice I appreciate that.

Kind Regards,

Don

Sometimes that password protect feature just doesn't work. It only works for Apache servers and the format of the files changes from one version of Apache to another, so your system has to report the correct version to Admin Tools or the files are created in the wrong format.

The main.php controls all of the Web Application Firewall, so it is more important. You can set a secret URL parameter on the first tab of Configure WAF that will hide your admin login screen from hackers. If they can not find it, they can not attack it.

I am glad it is working for you now.

Hello,

Thanks for all the wonderful support. I'm sorry for the late reply.

We can mark this issue as resolved now.

Kind Regards,

Don

You are welcome!