#29987 Weird Security Exception Notice

Posted in ‘Admin Tools for Joomla! 4 & 5’
Latest post by on Wednesday, 22 August 2018 17:17 CDT

frugalhost
I am getting a strange security exception and I am attaching a PDF of the e-mail I got. What do I do about this?

nicholas
Akeeba Staff
Manager
Back in Christmas 2015 the other developer here at Akeeba Ltd, Davide, and I fixed a zero-day vulnerability for Joomla which allowed an unauthenticated attacker to execute arbitrary code on your site by using a specially crafted browser User Agent or spoofed IP address. Ever since we added a feature in Admin Tools (MUAShield and SessionShield) to catch and block these attacks before Joomla! has a chance to process them. This is exactly what happens in your case. The attacker is trying to use a malicious, spoofed IP address. Admin Tools caught this and protected your site. No reason to be alarmed; your site was SUCCESSFULLY protected by Admin Tools. Also, since you have a recent version of Joomla!, your site is protected anyway because our company contributed the security fix to Joomla! two and a half years ago.

If you're wondering why we have a feature for a security issue that's fixed, there are two reasons. For starters, it took the Joomla security team person we submitted the patch to two failed tries to apply it to Joomla!. The first failed try led to a broken release. The second one the rest of the security team ran before us and we caught the problems. So for the third try we did it ourselves. With this track record we don't feel very confident that they won't break our fix again. The other reason is that we've seen some (terrifyingly irresponsible) extensions bypassing Joomla's session handler and the protections included in it since Christmas 2015. These third-party extensions are vulnerable to this security issue. Therefore stopping this kind of security issue dead in its tracks is the prudent thing to do, even if you are running an otherwise non-vulnerable version of Joomla.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
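
An added illustration of the kind of early check the reply above describes (not Admin Tools' actual code and not part of the original ticket): flag a request when a header that is supposed to carry a client IP address contains anything other than IP addresses. The header list, the length limit, the function name and the sample requests are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Headers in which a client or proxy can claim an IP address
// (assumed list for this example; match it to your own proxy setup).
const IP_HEADERS = ['HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_REAL_IP'];

/**
 * Returns the names of IP-carrying headers whose value is not a plain,
 * comma-separated list of IPv4/IPv6 addresses.
 */
function findMalformedIpHeaders(array $server): array
{
    $bad = [];
    foreach (IP_HEADERS as $name) {
        if (!isset($server[$name])) {
            continue;
        }
        $value = (string) $server[$name];
        // A real proxy chain is short; an oversized value is not an address list.
        if (strlen($value) > 512) {
            $bad[] = $name;
            continue;
        }
        foreach (explode(',', $value) as $part) {
            // Strict validation: "address:port" forms are flagged too, so
            // strip ports first if your proxy is known to append them.
            if (filter_var(trim($part), FILTER_VALIDATE_IP) === false) {
                $bad[] = $name;
                break;
            }
        }
    }
    return $bad;
}

// Constructed sample requests (documentation address ranges only).
$samples = [
    'clean proxy chain' => ['HTTP_X_FORWARDED_FOR' => '203.0.113.7, 198.51.100.20'],
    'IPv6 client'       => ['HTTP_X_FORWARDED_FOR' => '2001:db8::1'],
    'no IP headers'     => ['HTTP_USER_AGENT' => 'ExampleBrowser/1.0'],
    'not an address'    => ['HTTP_X_FORWARDED_FOR' => '203.0.113.7; not-an-ip'],
    'oversized value'   => ['HTTP_CLIENT_IP' => str_repeat('1', 600)],
];

foreach ($samples as $label => $server) {
    $bad = findMalformedIpHeaders($server);
    printf("%-18s %s\n", $label, $bad ? 'BLOCK (' . implode(', ', $bad) . ')' : 'allow');
}
```

A check like this has to run before the application stores or otherwise processes the header value, which is the point the reply makes about catching the request before Joomla! handles it.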

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
