Support

Admin Tools

#42436 SIte Blocked for a superuser by htaccess?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
5.4.0
PHP version
8.2.29
Admin Tools version
7.8.3

Latest post by nicholas on Thursday, 13 November 2025 01:36 CST

Wednesday, 12 November 2025 11:04 CST

Nick_Q

Hi Nicholas/All,

I have an issue with an extension from Joomdonation (Tuan) regarding the quality of images rendered and arranged a superuser access for him to investigate.  I have done similar things in the past without incident, but in this case, Tuan is faced by what looks like a second login from htaccess authentication, I think!

I also created a superuser account for him by removing the hardening option to protect superuser access, and the blocking screen gets presented. I then used Admin tools to create a temporary superuser login, and the same block is created.

I have no other restrictions set with IP restrictions, either to block or to allow, so I am at a loss as to what is causing this restriction.  I assume I have missed something, but I have to admit I  have not seen this before, so what have I missed?

As usual, your incite would be most appreciated!

Wednesday, 12 November 2025 12:18 CST

nicholas

I assume you are talking about the administrator directory password protection feature? In this case, you can either disable this feature through Admin Tools, or use the method described at the very beginning of its troubleshooting page.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 12 November 2025 23:49 CST

Nick_Q

Hi Nicholas,

Thanks for your response...

This is really odd. I am sure I checked this, and it was not active. I have no recollection of setting this and no reason for doing so. However, on checking again, sure enough, there it was!  I also record ALL username password combinations, and there is no entry for this protection!

Does that make any sense to you at all?  (or is it just me losing it!)

Thursday, 13 November 2025 01:36 CST

nicholas

It makes perfect sense to me, because this is not really an Admin Tools feature; it's a web server feature. It's called directory password protection. You may have not used Admin Tools to apply it, even. You may have used your host's directory password protection feature. Or, you may have done it so long ago you forgot about it – but your browser still remembered it, that's why it hasn't asked you since.

To be fair, this kind of forgetting it's there is more common and easy to happen than you'd think. I have a local site where I had enabled this feature months ago and forgot about it. When I tried accessing the administrator using a different browser I got the popup and my brain bluescreened for a second or two until I realised that I am both the detective and the killer in my site murder mystery thriller :D

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!