Support

Admin Tools for WordPress

#33191 – Importing new products into WooCommerce

Posted in ‘Akeeba Admin Tools for WordPress’
This is a public ticket. Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.
Wednesday, 10 June 2020 09:08 CDT
wicko
Using WordPress 5.4.1 with Admin tools Pro 1.2.1

I use a tool to import and update product details in Woocommerce. When I tried to import new updates to my products the site blocked me saying I was a hacker.

I know I need to add exceptions to my htaccess for this but not sure what folder or files I need to add. The files appears to upload ok, but when the tool tried to then update all the product filed it stopped.

How would I go about figuring out what exceptions I need to add?

regards

David

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Wednesday, 10 June 2020 09:44 CDT
dlb
David,

The fact that you got the "You are a bad person" message suggests that the problem is in WAF, not .htaccess. If that is the case, the reason for the block would be in the Security Exceptions Log. Now, the log is cleared when you clear the block on your IP so you may have to create the error again to see what it was.

The documentation for figuring out the exceptions is here. That's in the Joomla! section of our Troubleshooting Guide but the steps are the same for WordPress.

And finally, it is possible that both .htaccess and WAF are blocking you. So if the WAF Exceptions don't seem to work, don't be surprised. Just let me know and we'll beat it into submission.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Wednesday, 10 June 2020 10:08 CDT
wicko
Ok I will try and break it again so I can find the exception.
But when I get the 'You are a bad person' message how to I get back into my site?
I have done this serveal times on Joomla which is a breeze specially nowwith the Rescue Mode, but not sure which files and location I need to change to allow access again.
I was at a crossroad last time and just did backup restore.

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Wednesday, 10 June 2020 10:12 CDT
dlb
I'm sorry, I thought you were able to get back in. Restoring from backup works, but is a little drastic.

The instructions are in the Troubleshooting Guide, here.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Thursday, 11 June 2020 07:20 CDT
wicko
Ok managed to get the error again and was able to unblock myselt. But when I check the Security Exception log and Auto IP Blocking history I only see Login failure issue. None are my IP. I have run the Optimize WAF optiopn. Still getting the issue.

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Thursday, 11 June 2020 07:48 CDT
wicko
Had to use nuclear option to get me back in this time. Can't add it back as the moment I do I am blocked.

What should I try next?

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Thursday, 11 June 2020 08:13 CDT
dlb
David,

We had a little problem with the order of things. When you unblock your IP, the entries in the log for that IP are purged. That's why you didn't see any entries with your IP. Let's try it again:
  1. Trigger the error. Once should be enough, you don't need to be locked out to see what we're looking for.
  2. If necessary, rename main.php to gain admin entry.
  3. Check the log to see the error for your IP address before you clear your IP.
That should give us the information we're looking for.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Thursday, 11 June 2020 09:38 CDT
wicko
Sorry but where is main.php on WordPress?

In my wp-content > plugins > admintoolswp I have the following PHP files

admintoolswp.php
CHANGELOG.php
filescanner.php
index.php
version.php

Also Folder for:
app
helpers
language

regards

David

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Thursday, 11 June 2020 09:45 CDT
wicko
ok found it. It was deep

wp-content > plugins > admintoolswp > app > plugins > waf > admintools > main.php

The reason for my block is DFIShield

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Thursday, 11 June 2020 09:53 CDT
dlb
DFIShield has been giving us problems and the decision has been made to remove it from the next version of Admin Tools.

Go to Web Application Firewall, Configure WAF, on the Request Filtering tab, set "Direct File Inclusion shield (DFIShield)" to No.


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

Thursday, 11 June 2020 09:56 CDT
wicko
Done.

Thanks for that.

Been using Admin Tool for years on Joomla and swear by it. Now working on some WordPRess sites and want to include those tool I know and trust such as Akeeba products.

Thank You
David

Web design and development in Reading and Oxfordshire UK.

Wicko Web design

Thursday, 11 June 2020 09:58 CDT
dlb
You're welcome!


Dale L. Brackin
Support Specialist


us.gifEnglish: native


Please keep in mind my timezone and cultural differences when reading my replies. Thank you!


????
My time zone is EST (UTC -5) (click here to see my current time in Philadelphia, PA)

This ticket is closed, therefore read-only. You can no longer reply to it. If you need to provide more information, please open a new ticket and mention this ticket's number.