Forums

Protected Joomla Administrator Directory + Chronoforms

RolloMan 03 Jan, 2016
Hello,
I'm having a problem with cronoforms:
Some weeks ago I had a DOS-Attack on my Website. My Webhoster guessed me to protect the administrator directory of my Joomla installation.
I did so and protected the administrator directory via cpanel.
And now I have the problem that if someone called the page with the cronoform form he has to insert the authentification of the administrator directory
(see: http://ebbeplusflut.de/menu-service/infoanfrage ).

Are you probably aware of it?

Please can you help me with this problem?
GreyHead 03 Jan, 2016
Hi RolloMan,

At the moment, the solution is to remove the block from the admin/comoponents/com_chronoforms5 folder.as the front-end needs access to files there. It might be enough to just un-block the /administrator/components/com_chronoforms5/chronoforms/actions folder but I'm not certain of that.

ChronoForms uses the action files for both the front and backend and they need to be available from both places.

Bob
RolloMan 03 Jan, 2016
Thanxs for the answer.
I found this solution.
See: http://www.joomlaportal.de/joomla-3-x-sicherheit/315048-formular-von-htaccess-ausschlie-en.html
GreyHead 03 Jan, 2016
Hi RolloMan,

If the problem is just with the refresh image then - as a workaround - you could copy the image into the front-end somewhere - then edit the image url in line 20 of /administrator/components/com_chronoforms5/chronoforms/actions/load_captcha/load_captcha.php file

Or, use one of the other Captchas that don't need an image load.

Bob
RolloMan 04 Jan, 2016
Hi GreyHead,
thanks for your quick fix. 😀
I changed line 20 in the file and deleted the additional .htaccess-files and it worked very fine too.
GreyHead 04 Jan, 2016
1 Likes
Hi RolloMan,

Please keep a note somewhere - if you upgrade ChronoForms in the future then the fix will need to be re-done.

Bob
This topic is locked and no more replies can be posted.