Support

Admin Tools

#9907 cant save waf changes

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 08 July 2011 12:06 CDT

Tuesday, 21 June 2011 17:11 CDT

surveillance
Mandatory information about my setup:
Joomla! version: 1.6.3
PHP version: 5.3
MySQL version: (unknown)
Host: world4you
Admin Tools Professional version: download 1 week ago :)

1.After saving the first configuration I cannot change anything in WAF. No error, not fail, no changes.
But I could save someone to IP Blacklist in the Security Exeptions Log.

2.Is there any reason not to ban an IP if I got an system-e-mail about bad behavior?



Wednesday, 22 June 2011 01:32 CDT

nicholas
The WAF settings save issue which happens on a few sites should have now been fixed in the latest dev release. It's quite stable, only a few days before being released as 2.1 stable. Can you please install it and test it?

Regarding Bad Behavior, it has an itchy trigger finger. It throws a lot of false positives. That's why it's best to have the automatic IP banning take care of banning repeat offenders instead of doing that manually. Besides, IPs do not have a one-to-one relation to users. The malicious user's IP might be recycled and used by someone else in a few hours.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 27 June 2011 12:15 CDT

cas
Mandatory information about my setup:
Joomla! version: 1.6.3
PHP version: 5.2.17
MySQL version: 5.1.56-community-log
Host: HostMonster
Admin Tools Professional version: download 6/26

Hi Nicholas,

First let me say, thanks for the great tools!

I'm having the same problem of ATP not saving htaccess & WAF setting. I downloaded the latest AT pro version on 6/26. FYI, I had the non-pro version installed and just installed the pro version on top of it. I did not see any info about uninstalling non-pro first.

For the htaccess, it does write a new htaccess, but then I get the following error: "The server encountered an internal error or misconfiguration and was unable to complete your request." But the the new htaccess details are not saved in ATP. And if I just do the Save without creating a htaccess, nothing is saved in ATP.

Thanks for your help.
Chuck

Monday, 27 June 2011 13:25 CDT

nicholas
Please check something for me. Go to phpMyAdmin and look at your table list. Do you see a table named jos_admintools_storage (where jos_ is the same letters all other table names start with)?

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 27 June 2011 13:34 CDT

cas
Hi Nicholas,

No, there isn't a table with that name. Using ATP I had renamed all the table prefixes to something other than jos_, I'll use xxx_ in place of the real prefix. But either way, there is no table named xxx_admintools_storage. FYI, there is a table called xxx_ak_storage, but maybe that is related to the Akeeba Backup that I use.

Regards,
Chuck

Monday, 27 June 2011 17:35 CDT

nicholas
OK, I figured out what happened. Joomla! 1.6 has a gaping bug in the components installer. When a Joomla! 1.5 compatible package is being upgraded on a Joomla! 1.6 site, Joomla! 1.6 mistakenly does not execute the SQL file to update the database and also does not accept Joomla! 1.6-sty;e update SQL files. In other words, on Joomla! 1.6, component updates are broken unless you use a Joomla! 1.6 only package.

Almost. I now found a viable workaround which allows me to keep a single installation package which is compatible with both Joomla! 1.5 and 1.6 and which can be used for both installation and updates. I have just uploaded the fixed package in the latest dev release download area. Can you please install it and tell me if the changes are being saved? If it does work for you too, I will be releasing a new version tomorrow.

Thank you in advance!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 27 June 2011 17:47 CDT

cas
Hi Nicholas,

The install freezes with a blank screen. It did the Akeeba backup restore point and then switches back to the install screen, but it's just a blank screen. I tried this 3 times all with the same blank screen result. Should I uninstall ATP or just install over the existing version? I was trying to install over existing ATP.

Regards,
Chuck

Tuesday, 28 June 2011 02:24 CDT

nicholas
Issues fixed in 2.1.1. Please upgrade. Thank you!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 28 June 2011 12:25 CDT

cas
Hi Nicholas,

It works! Everything saves to the database. But it still has the same error message when I "Save & Create htaccess" of getting this error: "The server encountered an internal error or misconfiguration and was unable to complete your request". It does write a new htaccess, so I can use it as is, but it would be nice not to get the error message. Any ideas?

I also need to figure out why I'm now getting an error when trying to send mail: "Could not instantiate mail function". I tested this before ATP and it worked. Do I need to add an exception somewhere in ATP for the mail to work?

Regards,
Chuck

Tuesday, 28 June 2011 12:47 CDT

nicholas
Regarding the first error, you need to reconfigure the .htaccess Maker as per the documentation (please take a look at the big red box).

Regarding the other error, your Joomla! mail settings seem to be off. You can use the Mass Mail feature of Joomla! to send out test emails to Super Administrators to check if it's functioning or not.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 28 June 2011 13:21 CDT

surveillance
Thank you Nicholas, sorry about my late reply.
The problem (saving WAF) seems to be resolved now.
Thank you. Joomla 1.6 is not easy at the moment :)

I am really happy about akeeba and admintools. They open a new world to me.

But in fact, for people like me, not being involved to some major sights, it would be useful to understand, why someone is named as acting as "bad behavior" - because I think indeed it targets comment-spammers.

Tuesday, 28 June 2011 15:50 CDT

cas
Hi Nicholas,

I did read the warning section and since it was referring to the website and made no mention of the admin backend error when saving the htaccess itself, I didn't know the error was related, and wanted to bring it to your attention. Anyway, I called my host (HostMonster) and they confirmed "LoadModule mod_rewrite" is enabled. Like I said before, it does save the htaccess file and my site works fine, so this is just info for you in case it's something you want to look into.

As far as the mail error: per your advice I went to the Mass Mail program and get the following error when sending mail and when exiting the Mass Mail program:
Warning: Invalid argument supplied for foreach() in /.../plugins/system/admintools/admintools/pro.php on line 907.
Could not instantiate mail function.

Regards,
Chuck

Tuesday, 28 June 2011 15:56 CDT

nicholas
@babajagacoat You're welcome! The Bad Behaviour feature is an integration of this third party library. As we say in the documentation, visit that link for more information about how it works.

@cas mod_rewrite is just one factor. Start by disabling all .htaccess Maker features and click Save and Create .htaccess. This is the most basic .htaccess file, the same as the stock Joomla! file. The start enabling each option, one by one, clicking on "Save and Create .htaccess" after each feature is created. When you get the error, you know that the last option you enabled is not compatible with your host. Remove the .htaccess, disable that option, enable the next one, click on "Save and Create .htaccess". Repeat until you go through all of the options. It takes 30 minutes max, but you get to know the "safe settings" for that particular host.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 28 June 2011 17:33 CDT

surveillance
Ups, I did the backup, did the Joomla 1.6.4 Backup through admin-tools
and:

Fatal error: Call to undefined function __toString() in /home/.sites/494/site470/web/libraries/joomla/base/object.php on line 211

any suggestion?
I will start deinstall admintools, hope thats the right thing

Tuesday, 28 June 2011 17:35 CDT

cas
Hi Nicholas,

I figured out what is causing the server error when saving htaccess: In the first option "Disable Directory Listings" it creates the command "Options All -Indexes", but HostMonster does not allow Options All to be overridden. What the HostMonster system does is comment out this one line and then saves htaccess. That's why it was working, yet gave me the error.

I see in the htaccess file you create 3 different commands to disable directory access:
IndexIgnore *
Options All -Indexes
Options ExecCGI Includes IncludesNOEXEC SymLinksIfOwnerMatch -Indexes
Since Disable Directory Listings is such an important security feature to have enabled, do you think in some future release of ATP it might be a good idea to have 3 sub-options under Disable Directory Listings to turn on/off the commands depending on their host's restrictions?

Regards,
Chuck

Tuesday, 28 June 2011 17:43 CDT

cas
Hi Nicholas,

On the email problem, when I had all the htaccess options turned off, I still get the error when trying to send mail and exiting the Mass Mail program: Warning: Invalid argument supplied for foreach() in /.../plugins/system/admintools/admintools/pro.php on line 907.
Could not instantiate mail function.

Any other ideas for me to try?

Thanks,
Chuck

Wednesday, 29 June 2011 02:23 CDT

nicholas
@babajagacoat I assume that by "backup" you really mean "upgrade", right? In this case, you can simply download the Joomla! 1.6.4 package from http://www.joomla.org/download.html, extract it locally and upload all extracted files to your site, overwriting the existing ones. If the error persists, one of your extensions is not compatible with Joomla! 1.6.4.

@cas Regarding the first issue, it's not possible to know beforehand which of the two methods works. Please note that the second and third line you posted use the same method (setting Options) which your host does not allow. I would argue that you do not need to enable that option if you have activated the front-end and back-end protection features of .htaccess Maker. These features will disallow access to any and every directory, except those that should be accessed over the web (those containing static media files, like CSS, JS and images). So even without the index disabling, your site is still protected. In fact, more protected than using just the index disable ;)

Regarding the mail issue, please note that .htaccess and mail live in different universes. One can not affect the other. The problem you have is that the mail options set in your site's Global Configuration seem to be wrong. This is where you should look to fix things. As I said, you can temporarily turn off the "System - Admin Tools Plugin" (so that Admin Tools' protection code does not get executed) and try using the Mass Mail feature. If it fails to deliver emails, go to your Global Configuration and fix the mail settings. If it does send out emails, please post back so that I can try to see why Admin Tools can't.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 29 June 2011 03:36 CDT

surveillance
Please Nicholas, I
- updated admin tools through admin tools
- updated Joomla 1-6-3 to 1.6.4 through admin tools
- saved 1 time waf with a minor text-change
- did nothing else
(I found that maybe layout overrides are incompatible but could not find the way to resolve it.)
Only to be clear: Are you sure, admintools has nothing to do with the problem?

Wednesday, 29 June 2011 04:12 CDT

nicholas
I am pretty sure that the problem is not related to Admin Tools. However, as I always say, don't trust what I say; check it yourself (in case it's a strange bug affecting only a tiny minority of sites).

First thing, since you have manually uploaded all Joomla! 1.6.4 files we have ruled out the possibility of a bad update performed by Admin Tools. That thing crossed out of our list, we can continue investigating a potential code conflict.

Using FTP, go to plugins/system/admintools/admintools and find the file named main.php. Rename it to main-disable.php. This will cause no Admin Tools code to be loaded on your site. Try accessing your site's back-end. If the error is there, it doesn't have anything to do with Admin Tools (no Admin Tools code is running any more). Remember to rename main-disable.php back to main.php when you're done testing to reinstate the protection offered by Admin Tools to your site.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 29 June 2011 05:18 CDT

surveillance
Now it is clear that it is an admintools issue; renaming the main.php solves the problem.
To make clear:
I installed admintools free
I installed admintools
could not save WAF changes (that means: I found a few saved (project honeypot) a few not (message to the spammer).
Yesterday I updated admintools and Joomla through admintools
saved a minor change in waf (but maybe this was the first time, that waf was saved!)
Any suggestion what to do?
Uninstall admintools first? Reinstall it?

(PS If its an 1.6.4 - admintools issue, you will get more information from your clients and I will be back in the evening to check)

Wednesday, 29 June 2011 05:31 CDT

nicholas
I can not replicate it on my Joomla! 1.6.4 test sites. Please try uninstalling Admin Tools, then install the latest dev release which fixes a minor issue that could cause the issue you are experiencing, depending on other third part plugins loaded.

If the problem persists even after installing the dev release, please contact me again so that we can arrange for a way for me to perform debugging directly on your server. Thank you in advance!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 08 July 2011 01:20 CDT

cas
Hi Nicholas,

I just tried to upgrade from 2.1.1 to 2.1.2 with Admin Tools Pro Live Update and I'm getting this error:
JInstaller: :Install: Cannot find XML setup file
Invalid package type. The update can not proceed.

Any idea?

Thanks,
Chuck

Friday, 08 July 2011 05:37 CDT

nicholas
You can try the more reliable, manual upgrade. Just download Admin Tools 2.1.2 package from https://www.AkeebaBackup.com/latest and go to your site's Extensions, Install/Uninstall. Install the ZIP just like any other extension. Important: do NOT uninstall your existing copy of Admin Tools 2.1.1 from your site before installing 2.1.2; otherwise your settings will be lost.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 08 July 2011 11:57 CDT

cas
That worked. Thanks!

Regards,
Chuck

Friday, 08 July 2011 12:06 CDT

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!