Support

Admin Tools

#27190 Hikashop

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Saturday, 25 March 2017 18:17 CDT

Akeeberg32
 Hi!

I recently updated my Hikashop Extension to Version 3.0.0 and only use the standard paypal payment funtionality. Everything works fine as long as the admin tools plugin is deactivated.

When the plugin is switched on, it is not possible anymore to put a product in the cart, and after a while I get a white screen with the message "You are a spammer or an otherwise bad person"

Hikashop and Paypal communicate during the checkout process, and Admin Tools somehow seems to interpret this data exchange as an attack. Where and how can I solve this problem? - Thanks,
Christoph

tampe125
Akeeba Staff
Hello,

can you please take a look at the Security Exception page and post here the reason of the block?

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Akeeberg32
Hi,

In the Secerity Exeption page (of the Web Firewall) I have only listed com_hikashop.
When I go to the admin tools statistics, there are a few items, in all of them the reason "tmpl=' in der URL" displayed.
Can you work with that?
thanks, Christoph

tampe125
Akeeba Staff
Mhm.. the log file should have more details about the exception.
You should find it inside Joomla log directory, if you download it and open it, you should find the exact reason of the block.
In this way we can find a workaround.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Akeeberg32
Hi! - This was the entry in the log file (i replaced URL and IP with XXXX):

-------------------------------------------------------------------------------
Blocking reason: tmpl
-------------------------------------------------------------------------------
Date/time : 2017-02-23 11:58:39 GMT
URL : http://XXXXXXXXXXXXXX.XXX/index.php/de/onlineshop/product/updatecart/add-1/cid-587?tmpl=ajax
User : Guest
IP : XXXXX
Country : (unknown country)
Continent : (unknown continent)
UA : Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

thanks!

tampe125
Akeeba Staff
Ok, now we have found the origin of your issue.
Inside Admin Tools WAF configuration page, in the Visual Fingerprint protection, add the value ajax inside the field List of allowed tmpl= keywords.
That should fix your issue.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Akeeberg32
Great, that works! - I would never have solved this without your help,
Thank you and all the best from Vienna!

tampe125
Akeeba Staff
You're welcome!

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!