Support

Admin Tools

#9803 Firewall Bad Behaviour filter causes displaying of Joomla error 500 page

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Saturday, 26 March 2011 03:42 CDT

Friday, 25 March 2011 08:27 CDT

user33181
Hi,

what exactly is being verified while "Bad Behaviour filter" is enabled in "Web Application Firewall"?

After enabling the "Bad Behaviour filter", I am facing problem of displaying standard Joomla error page "500 - view not found" after submitting the forms. E.g. when I try to submit following form, I recieve Joomla error 500 page:













"Strict Mode" option in the "Web Application Firewall" is set to "No".

How can I resolve this?

Thank you,

Friday, 25 March 2011 08:33 CDT

nicholas
The Bad Behavior option, as noted in the hyperlinks and the documentation, is integrating the Bad Behavior library to Joomla!. This library checks a number of indicators to figure out if the form submission is a potential spammer or hacker trying to gain entry to the site. It has a somewhat elevated possibility of misfiring (false positives) that's why it comes turned off by default. It's possible that the description of the submit button or the name of the task to be triggering Bad Behaviour.

You can use the new WAF Exceptions feature to exclude the component from being affected by WAF or, alternatively, you can turn off the Bad Behavior option in WAF Configuration.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 25 March 2011 12:16 CDT

user33181
I thought that Bad Behaviour is part of Admin Tools core. Now I understand, that the option "Bad Behaviour" in WAF only integrates 3rd party system, i.e. Bad Behaviour.

I have read Bad Behaviour installation instructions (http://bad-behavior.ioerror.us/documentation/porting-guide/) and it says that in order to integrate Bad Behaviour with any PHP system, it is needed to rewrite functions in file "bad-behavior-generic.php" which is used as access point to Bad Behaviour system. I suppose that Admin Tools uses file "\plugins\system\admintools\badbehaviour\generic.php" as the access point to Bad Behaviour system. However, when I compare "\plugins\system\admintools\badbehaviour\generic.php" access point to e.g. WordPress access point (i.e. file "bad-behavior-wordpress.php" in package "http://downloads.wordpress.org/plugin/bad-behavior.2.1.11.zip"), it seems to me that the functions in file "generic.php" implement only some default functionality and are not adapted to Joomla -> e.g. most of the functions does nothing but simply returns FALSE, email "[email protected]" in function "bb2_email()" is invalid etc. Is it needed to rewrite them in order to make Bad Behaviour work correctly with Joomla? Also in Admin Tools, there I didn't find "settings.ini" file, which Bad Behaviour works with according to the installation instructions.

Could you please explain to me, how exactly the Admin Tools integrates Bad Behaviour with Joomla? Is it possible to download latest DEVELOPMENT version of Bad Behaviour (i.e. http://downloads.wordpress.org/plugin/bad-behavior.2.1.11.zip) and overwrite files in directory "\plugins\system\admintools\badbehaviour" with the files from the archive? Or is it needed to make any modifications in these 16 files (apart from the modifications commented as "### AdminTools Modification --- BEGIN" and "### AdminTools Modification --- END" which are definitely needed)? And what about "setting.ini" file? Is it needed for integration implemented using Admin Tools or not?

Thanks,
Edited by user33181 on 2011-03-25 12:45 CDT

Saturday, 26 March 2011 03:42 CDT

nicholas
Admin Tools integrates the Bad Behaviour plugin fully. It doesn't use an INI file because INI files can be accessed over the web and are inherently unsafe. Instead, the options are stored in your database and provided to the library through Admin Tools' plugin. The missing functions are what Bad Behaviour uses to log intrusions and automatically apply IP ban. Since Akeeba Backup implements its own intrusion logging and IP banning, this functionality is handled by Admin Tools instead of Bad Behaviour.

For more information look inside plugins/system/admintools/pro.php, line 1483 onwards (the BadBehaviour() method of the plugin class). As you can see, the first few lines load the configuration off the database, then we set some defines required by BB and then we assemble a customized configuration array before calling bb2_start(). If it returns true (suspicious request) we call Admin Tools' blockRequest() method which takes care of logging, automatic IP banning and showing the message to the user.

If you want to update Bad Behaviour to a different version of the library, replace all files inside of plugins/system/admintools/badbehaviour except the generic.php file. However, doing that will alter the behaviour of Admin Tools' feature. Instead of the blocking being handled by Admin Tools, the block will be handled by BB itself, unless you modify core.inc.php to return a value instead of blocking the request (see our code).

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!