#36460 Bad Request

Posted in ‘Akeeba Backup for Joomla!’

jjst135

Hi! We have created a backup of a Joomla 4 website and restored it on a different domain (same server) using Kickstart. But when we try to open the site we get a '400 BAD REQUEST' error.

I have renamed the htaccess file (.bak) but that did not help. I did notice a different error before the BAD REQUEST ERRORS, something like 'too many redirects...'? Not sure.

I am not sure how to debug this. Is this a server error or a software error?

I also wanted to try to disable Admin Tools but I am not sure what file to rename to disable it (rename main.php). This is a different file on Joomla 4? How can I disable Admin Tools on Joomla 4 (renaming what file)?

Hope you can help me figure this out.

Kind regards,
Jip

jjst135

In addition: We get the error on the frontend and also on the backend.

jjst135

I figured out we need to rename plugins/system/admintools/services/provider.php to disable Admin Tools. After this we could see the site and also log in to the backend. I will now try to figure out what needs to change in the Admin Tools settings to get it working properly. I will keep you posted...

jjst135

Mmmm, I can't seem to figure out why I keep getting the error 'Bad Request' when I enable AdminTools again by renaming provider.php.bak to provider.php. I have created a new htaccess file using AdminTools that works fine with provider.php disabled so that leads me to believe it's the WAF. But I don't see any log items in AdminTools that can help.

We use the same settings (it's a copy...) on the original site on the same server. I don't think there are any specific domain related settings in the WAF?

Can you help me out?

jjst135

Ah, there we go ;-) There is a setting in the WAF that is domain related.

Configure WAF -> Request filtering -> Allowed domains

The source domain name was filled in here. After changing this to the new domain name the issue was resolved.

I think we only started using this setting on Joomla 4 and not 3. We have had no need to change this when restoring Joomla 3 sites to another domain. Maybe we should start using this in J3 as well.

Anyway, we can move on now.

jjst135

I do have a question about this: Is there a way to change this value (Configure WAF -> Request filtering -> Allowed domains) when we restore a website to a different domain? This is not an issue when a backup is restored to the same domain, but we use the restore (also / mainly) to kickstart new sites on different domains. When we do this and we have an allowed domain set in the WAF we will immediately have the Bad Request after restoring. We then need to disable Admin Tools (rename file), change the setting and restore the filename. It would be helpful to have Kickstart change this setting to a new domain when restoring the site? Just a thought....

nicholas
Akeeba Staff
Manager

Sorry for the late reply. Every time you post something to your ticket it gets bumped to the bottom of the queue. I wondered why an open ticket has so many replies which is why I am taking a look at this outside of the queue order :)

Yes, the allowed domain will block accessing your site if you change the domain name. This is an optional feature, useful only on some misconfigured servers. When you run the Quick Setup Wizard it's prefilled but you can of course change it e.g. completely remove its contents if you are not on an affected server.

Regarding restoration, we can't touch any component settings, not even Admin Tools. If we do we create an invisible dependency between the version of Akeeba Backup and the version of Admin Tools (or any other extension). This will be really bad if you ended up using versions of Akeeba Backup and other extensions which do not work together very well, as in “you can't ever restore your site” bad. It's best to let your site restore and need a simple manual intervention to reconfigure than breaking the entire restoration process. It's something I have explained many times over the past 15 years. Given the massive changes between Admin Tools 1 and 2, 4 and 5 and 6 and 7 I can tell you it was the right way to do it.

PS: Kickstart only extracts the backup archive, it does not restore your site. It's ANGIE, the restoration script included in the backup archive at backup time, which handles your site's restoration and reconfiguration. This information is printed every time you run Kickstart.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

jjst135

Hi Nicholas! Thanks for getting back to me on this. Sorry about spamming my own ticket ;-)

Is there a way for me to test if our server is 'misconfigured' in the sense that we should add a domain name in the WAF? If this is not the case we could just leave it empty. But then again, adding it just to be sure, just in case, is also a way to go...

Thanks for your other detailed feedback and also for your great software and support.

Kind regards,
Jip

nicholas
Akeeba Staff
Manager

Yes, there is a way. You need to set up a fake site name with your server's IP address in your machine's hosts file and access your site using that fake domain.

Let's say your site's server IP address is 1.2.3.4 — you can find it with https://ip-lookup.net/domain-lookup.php

On Windows download https://hostsfileeditor.com, on macOS download https://github.com/2ndalpha/gasmask/releases/latest, on Linux edit /etc/hosts directly.

Create a new line with the IP address of your site and the domain name foobar.web

For example:

1.2.3.4 foobar.web

Completely close your browser and re-open it.

Go to http://foobar.web. If you get any HTTPS warnings ignore them and proceed.

If you get a server connection error or an error page: your server is NOT affected.

If you get your site: your server is affected and you need to enable the Allowed domains feature.

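The hosts-file test in the reply above can also be scripted by sending the made-up name straight in the HTTP `Host` header. The following is an added example, not part of the original ticket or Akeeba's code; the function names, the `<title>` comparison used to decide "you get your site", and the command-line arguments are assumptions made here.

```python
# Added example: probe your own server with a made-up Host header.
# Usage (placeholders): python3 hostcheck.py 1.2.3.4 your-real-domain
import http.client
import re


def fetch(ip, host, port=80, timeout=10):
    """GET / from ip:port while presenting `host` in the Host header.

    Returns (status, page title); (None, None) on a connection error.
    """
    conn = http.client.HTTPConnection(ip, port, timeout=timeout)
    try:
        # Supplying Host ourselves stops http.client from deriving it from ip.
        conn.request("GET", "/", headers={"Host": host})
        resp = conn.getresponse()
        html = resp.read(65536).decode("utf-8", "replace")
    except (OSError, http.client.HTTPException):
        return None, None
    finally:
        conn.close()
    m = re.search(r"<title[^>]*>(.*?)</title>", html, re.I | re.S)
    return resp.status, (m.group(1).strip() if m else "")


def check(ip, real_domain, fake_domain="foobar.web", port=80):
    """Apply the rule from the reply: site served for a made-up name => affected."""
    real_status, real_title = fetch(ip, real_domain, port)
    fake_status, fake_title = fetch(ip, fake_domain, port)
    if fake_status is None or fake_status >= 400:
        return "not affected"   # connection error or error page
    if 300 <= fake_status < 400:
        return "inconclusive"   # redirect: follow it by hand in a browser
    if real_status != 200 or not real_title:
        return "inconclusive"   # no baseline page to compare against
    if fake_title == real_title:
        return "affected"       # same page served for an unknown host name
    return "not affected"       # e.g. the web server's default page


if __name__ == "__main__":
    import sys
    print(check(sys.argv[1], sys.argv[2]))
```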

jjst135

I am familiar with the hosts file on my Windows PC. I have used it before. When we add our server IP and 'foobar.web' and then browse to http://foobar.web/ we get 'Apache is functioning normally'. We are on a server that has multiple sites (Direct Admin). So the server/IP on its own does not 'know' what site to show. And then this default page is shown.

So does that mean our server is not vulnerable to this specific WAF feature?


nicholas
Akeeba Staff
Manager

Correct! This means that your server is NOT vulnerable and you do NOT need this specific WAF feature.


System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
