• 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!

TOPIC: 403:Access Forbidden Repeat offender (Autobanned)

403:Access Forbidden Repeat offender (Autobanned) 8 years 8 months ago #21968

  • raulmego
  • raulmego's Avatar
  • OFFLINE
  • Fresh Boarder
  • Posts: 7
Hello!
I have a problem, I was adding some modules in my site manager Joomla! 2.5.9 (which was recently hacked).

I suddenly sack manager and sends me the following message:
403: Access Forbidden
Repeat Offender (Autobanned)

And I can not enter my site manager to see what happens.
Can you help me regain access to my site please?

I appreciate the attention, Greetings!
The administrator has disabled public write access.

403:Access Forbidden Repeat offender (Autobanned) 8 years 8 months ago #21971

  • octavian
  • octavian's Avatar
  • OFFLINE
  • RSJoomla! Official Staff
  • Posts: 772
  • Thank you received: 104
Hello,

Please rename /plugins/system/rsfirewall/rsfirewall.php (if you are using Joomla! 2.5/3.0) or /plugins/system/rsfirewall.php (if you are using Joomla! 1.5) to rsfirewall.bak. After that, you can access your website and remove your IP from the blacklist.

You'll also need to take a look at why you have been automatically banned. Having the Automatic Blacklisting option set to Yes is only a viable option when you are sure there are no false positives on your website. From the looks of it, you have some URLs that trigger the RSFirewall! protections. You'll have to find out which URLs triggered them and why.

After you're done, remember to rename rsfirewall.bak back to rsfirewall.php.
Please note: my help is not official customer support. To receive your support, submit a ticket by clicking here
Regards,
RSJoomla! Development Team
The administrator has disabled public write access.
The following user(s) said Thank You: raulmego

403:Access Forbidden Repeat offender (Autobanned) 8 years 8 months ago #21978

  • raulmego
  • raulmego's Avatar
  • OFFLINE
  • Fresh Boarder
  • Posts: 7
OK, thank you very much Octavian ... But how I can find out what URL trigger automatic protection?

What I was doing when it happened the block is simply creating some modules ... from the Module Manager.

Greetings!
The administrator has disabled public write access.

403:Access Forbidden Repeat offender (Autobanned) 8 years 8 months ago #21996

  • octavian
  • octavian's Avatar
  • OFFLINE
  • RSJoomla! Official Staff
  • Posts: 772
  • Thank you received: 104
If you'd be willing to submit a support ticket and provide access to your administration section, one of our staff will gladly help you with this.

Basically, if you're using the latest version of RSFirewall! (R47) you can take a look at the "System Logs" and search for your IP. It should reveal the blocked attempts along with the URL that triggered them.
Please note: my help is not official customer support. To receive your support, submit a ticket by clicking here
Regards,
RSJoomla! Development Team
The administrator has disabled public write access.
  • 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!