Support

Admin Tools

#27418 Allow administrator access only to IPs in Whitelist - redirect

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by Joris on Wednesday, 29 March 2017 05:21 CDT

Friday, 24 March 2017 04:45 CDT

Joris
 Hi Akeeba,

I want to block all users except whitelist to the backend for the bot attacks.
I created a plugin that a user can go to /beheer instead of /administrator, than his ip is added to the whitelist and redirected to administrator.
So i tell my users go to /beheer instead of /administrator

The reason for this block was to make sure bots cannot harm the site by allot of blocks with different ip's and the server load.
But now you redirect to the domain root, loading the home page is also heavy so i would like to block them with an error text.

Or is it possible to create a .htaccess in the administrator that blocks all but the whitelists with admin tools.
That would be better for performance i think.

I wish you a good day!

Best Regards,
Joris

Friday, 24 March 2017 05:39 CDT

tampe125
Hello,

I created a plugin that a user can go to /beheer instead of /administrator, than his ip is added to the whitelist and redirected to administrator.

So i tell my users go to /beheer instead of /administrator
Admin Tools already have this feature, please take a look at the WAF Configuration Page, Change administrator login directory to.
However this feature does not work on all servers.

If you are concerned about server load, you shouldProtect your administrator back-end with a password. That's a more efficient way to block attackers, since they will be stopped by your webserver, even before Joomla has chances to start.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 29 March 2017 04:55 CDT

Joris
Hi Tampe,

Nope not working on my server, or combination with other plugins. I go to login in frontend and /beheer and /administrator do not work.

I wil try to create a plugin that blocks everything except some ip's with htaccess, and the ip's can be added by going to /beheer.

I do not want to ask for htaccess login because that is bummer to fill in everytime ;-)

Wednesday, 29 March 2017 05:20 CDT

tampe125
Nope not working on my server, or combination with other plugins
That's why we discourage the usage of this feature and we do not offer support: on some server configuration it is not working and there's nothing we can do.

Good luck with your plugin! Can I consider this ticket closed?

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 29 March 2017 05:21 CDT

Joris
Yep,

and i think it would be a great feature to add a htaccess with only whitelists instead of redirect.
That would be better for performence

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!