Support

Admin Tools

#33950 Using NordVPN locks me out when I try to logging

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by mol4 on Monday, 26 October 2020 02:44 CDT

Sunday, 25 October 2020 08:16 CDT

mol4

Hello,

Since a few days I'm using NordVPN.

This offers you to 'anonymise' your online presence by logging in from another IP adres then your own and the traffic is secured or cloaked in some way if I understand this correctly.

When I'm trying to login in a customers website backend I'm thrown out by Admin Tools and have to gain access again with the rescue URL.

How can this be?

I'd like to "Use the Support section's search first" but I don't see a search button anywhere. So sorry if this question is already asked.

Thanks!

Greetings, Ton

Monday, 26 October 2020 01:10 CDT

nicholas

The search button is at the top right corner of the site. It's the magnifying glass icon. It opens a search box with a custom DuckDuckGo search.

Regarding the VPN provider, please remember that using a VPN means that all of your traffic appears to come from the exit IP used by the VPN provider. You are not the only person using that VPN. Spammers and hackers might also be using that and get its IP blocked on your client's site. This is why it gets blocked.

Please note that it DOES NOT make sense to use a third party VPN when accessing the backend of a site under your control. In fact, it is bad security practice doing so! Your actions are logged by the VPN*, including all GET parameters in the URLs you visit. This undermines your security. Furthermore you are accessing the site using the VPN's IP address which means that you will either get blocked when someone else using the same VPN attacks your site or you are effectively unblocking that IP, allowing everyone using that VPN to attack the site as if Admin Tools wasn't installed.

The only valid uses of a third party VPN are a. when you're in a situation where hiding your browsing among a bunch of similar traffic can reasonably lower your chances of being swept up by a repressive regime and b. to spoof your IP geolocation for geo-restricted sites (which is why we removed GeoIP blocking from Admin Tools as a totally ineffective security measure). Everything else is marketing hype. It's definitely NOT a security measure when accessing your sites.

* Yeah, I know they say they don't do that. A few months ago a security researcher found databases belonging to VPN providers accidentally left open to the public and they do, indeed, log everything. It makes sense. If a client of theirs uses the VPN for illegal activity they get a bang on the door from the authorities. If they don't keep logs they will be shut down and bear responsibility for the illegal actions of their clients. Logging means they can help the authorities and continue to operate. What they can do is choose which authorities to work with, based on jurisdiction. Just like a regular ISP.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 26 October 2020 02:44 CDT

mol4

Hello Nicholas,

Thanks for this clarifying reply :-)
I will take notice of this and log-out of the VPN while I'm at work.

Thanks!
Greetings, Ton

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!