AdminTools

May 11, 2016
AdminTools
  • AdminTools from akeebabackup.com is a security component.

    .htaccess Maker(top)

    With the default settings (Frontend protection=Yes) .htaccess Maker in AdminTools is preventing any access to .php from "outside" Joomla, to images files outside specific directories etc.

    Fabrik needs access to

    list/form/details template_css.php and custom_css.php(top)

    Solution:
    add in the "Exceptions" section, in the box "Allow direct access, including .php files, to these directories" the paths to the Fabrik templates:

    components/com_fabrik/views/form/tmpl
    components/com_fabrik/views/list/tmpl

    You can add the "details" also if you use them.
    if you want to be very strict with security, you can specify the template:

    components/com_fabrik/views/form/tmpl/bootstrap

    or be looser and just give access to all views:

    components/com_fabrik/views

    image files in cache/com_fabrik/staticmaps(top)

    Solution: add directory to
    Fine tuning: Front-end directories where file type exceptions are allowed

    plugins/fabrik_element/captcha/image.php (at the time of writing: June 2015, Fabrik3.2.1) (top)

    Solution: add file to
    Exeptions: Allow direct access to these files

    Web Application Firewall/Configure WAF(top)

    Visual Fingerprinting Protection(top)

    If you set "Block tmpl=foo" to YES you must add "bootstrap" to the "List of allowed tmpl= keywords"


    In any case, after enabling AdminTools, always check the different types of pages with Firebug/Console to spot the 403 errors and make the appropriate corrections in the Exceptions and Fine Tuning
futuron likes this.