Welcome, Guest
Username: Password: Remember me
Got a Joomla problem? Post as much detail about it as you can here to see if you can get a solution.

Help others in the community - post your Joomla tips and how-tos here.

TOPIC: Akeeba Admin Tools WAF - Reason 404 Shield emails

Akeeba Admin Tools WAF - Reason 404 Shield emails 6 months 2 weeks ago #8446

  • Terry
  • Terry's Avatar
  • Offline
  • Fresh Boarder
  • Posts: 15
  • Thank you received: 6
Hi,

a recently introduced feature of the Admin Tool Web Application Firewall called 404 Shield has increased the number of emails you are getting from your sites being monitored, assuming you have the email notifications switched on. By default all that these email are actually telling you is that some misguided fool is trying to access your Joomla website with a Wordpress login/Admin URL and really it is no surprise that Wordpress users would rather use Joomla but that is for another discussion.:)

I am not really sure what the benefit of this function is yet, but maybe it will grow into something useful.

Your options are to either

to turn off 404 Shield logging all together by going into the WAF configuration, select the Cloaking Tab and flicking the switch to No.

or

you can leave 404 Shield on but remove the references to Wordpress and even replace them with something else of your own choosing, again WAF Config->Cloaking and you will see the filtering at the bottom of the page.


And for a little bit of added fun, you can goto WAF Config-> Email Templates and change the Security Exception email to include [URL] just under the 'Reason:' line and this will give you the URL for all the security exceptions you get by email.

Terry
Been working with Joomla for Fun and Work for 10 years.
The administrator has disabled public write access.

Akeeba Admin Tools WAF - Reason 404 Shield emails 6 months 2 weeks ago #8447

  • buipy001
  • buipy001's Avatar
  • Offline
  • Moderator
  • Peter Bui
  • Posts: 112
  • Thank you received: 25
Yeh, I think its a bit of a pointless feature.

With the number of spam attacks and automated hacking attempts on our sites, if we had that on we'd get 1000s of emails from each site.

I think it's better to use Joomla's Core redirect plugin to track the 404 errors and spend time in managing the redirects for them there once a week or fortnight as opposed to doing it every email that you get.

Depends all on how you want to manage your 404 errors and those annoying ways Joomla allows for non-canonical URLs to appear in search indexes.
Peter Bui

The only limitation is your imagination
pbwebdev.com

Twitter: twitter.com/astroboysoup
Facebook: facebook.com/pbwebdev
The administrator has disabled public write access.

Akeeba Admin Tools WAF - Reason 404 Shield emails 6 months 2 weeks ago #8448

  • Terry
  • Terry's Avatar
  • Offline
  • Fresh Boarder
  • Posts: 15
  • Thank you received: 6
Hi,

what started this for me was the increase in emails because this 404 Shield came on by default with an update to AT so I think some highly active sites would be getting 100's of these emails and not realise why it had started.

The only use I could come up with is if you want to monitor a particular page or group of pages that are no longer there just to see if someone is still referring to them, but nothing that can't be done with the Core redirect.

Given the options is under the Cloaking tab it would be more useful if the shield got a match instead of sending an email it redirect the visitor back to the front page or a honeypot/tarpot rather than in most cases display the default Joomla Page Not Found. No need to tell a Wordpress hacker it is a Joomla site if you don't have to.


Might be curious enough to find out why Akeeba thought it would be useful or for what purpose he coded it.

Terry
Been working with Joomla for Fun and Work for 10 years.
The administrator has disabled public write access.

Akeeba Admin Tools WAF - Reason 404 Shield emails 5 months 3 weeks ago #8474

  • nicky
  • nicky's Avatar
  • Offline
  • Moderator
  • Posts: 51
  • Thank you received: 10
Or just turn off the emails in WAF Config -> Logging & Reporting -> Do not send email notifications for these reasons
The administrator has disabled public write access.
Time to create page: 0.044 seconds
Powered by Kunena Forum