You can look up the list of reasons each request has been blocked in https://www.akeeba.com/documentation/admin-tools/waf-log.html#waf-log-reasons
For “Admin Query String” it says: Someone tried to access your site's administrator section but he didn't provide the secret URL parameter. Admin Tools blocked him and prevented him from seeing the login page at all.
So, it has nothing to do with the IP workarounds. It tells you to look at the Administrator Secret URL Parameter feature: https://www.akeeba.com/documentation/admin-tools/web-application-firewall.html#wafconfopt-secret-url-param
Now you know what you need to do.
Go to Admin Tools, Web Application Firewall, Configure WAF, find the “Administrator secret URL parameter”. You need to tell your user to use it. If the secret URL parameter is fooBAR
and the URL to your site is https://www.example.com
then they need to access the administration interface's login as https://www.example.com/administrator/index.php?fooBAR
(note that it's case sensitive).
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!