Following configuration changes admin tools very helpfully sends an email with the text:
You just saved the Admin Tools' Web Application Configuration using the Admin Tools component on your site “site”. This is a generally safe process. In some cases a misunderstanding, an oversight, or a browser or server mangling your settings may result in your site not working properly or becoming inaccessible. This applies to both Joomla itself and its various third party extensions. In this unlikely event please consult the following URLs for troubleshooting instructions:
Unfortunately the link - http://akee.ba/lockedout takes one to the instructions for Joomla 3:
Using FTP to regain access to your site's administrator
The failsafe way to regain access to your site's administrator backend is using an FTP application or your hosting control panel's File Manager to rename a file.
Go inside the
plugins/system/admintools/admintoolsdirectory on your site (on older versions of Admin Tools:
plugins/system/admintools). You will see a file named
main.php. Rename it to
main-disable.php. This will turn disable the Web Application Firewall from executing and you can access your site's back-end again.
Finding the instructions for Joomla 4 was a bit more tricky as google searching gives the WordPress version.
The link should point to https://www.akeeba.com/documentation/admin-tools-joomla/atwafissues.html