By Scott Darnell on Wednesday, 25 April 2018
Posted in General Issues
Recently updated EasySocial. The previous version was working well, and so was the login. Once the upgrade was complete, I cannot log in to the front end. I have tried a variety of methods, spent 3 hours thus far, and nothing is working.

The error is:

The most recent request was denied because it had an invalid security token. Please refresh the page and try again.

Hi there,

I'm trying to debug your issue and suddenly your site flagged my IP:

175.143.88.48 You are showing suspicious activity. For site security, your IP has been blacklisted.

Can you help me whitelist my IP so that I can continue debugging this? By the way, I can't find your site from FTP. Is this the correct path to your site? When I var_dump on this file, nothing happens.

/public_html/index.php

Because there are errors on your site with a different path:

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; plgSystemPlg_jaamazons3 has a deprecated constructor in /home/warcho1/public_html/plugins/system/plg_jaamazons3/plg_jaamazons3.php on line 15

Please advise.
Wednesday, 25 April 2018 11:26

<deleted>
Wednesday, 25 April 2018 15:12

Everything works after errors above were cleared.
Wednesday, 25 April 2018 15:13

Problem is back...it worked for a little while, now no longer.
Wednesday, 25 April 2018 15:22

I now receive a "your sessions have expired, please login again."
Wednesday, 25 April 2018 15:25

Hi there,

It seems like my IP is still blacklisted. I am unable to continue debugging on your site if my IP is blacklisted.

175.143.88.48 You are showing suspicious activity. For site security, your IP has been blacklisted.

I have also noticed that you have enabled cache on your site. Can you temporarily disable all caches on your site, including caches from your server?

I suspect the issue is coming from your Sucuri Firewall. Can you temporarily turn this off and try logging in to your site again? Use (Ctrl + Shift + R) or (Cmd + Shift + R) to hard refresh your browser.

Thanks and please advise.
Wednesday, 25 April 2018 18:24

Security has been updated. You should be able to access with no problems.
Saturday, 28 April 2018 14:32

Thanks for getting back to us. It seems that this time, when I try to log in on your site frontend, I always hit this access denied error.


The page you are looking for can't be found
Error 403 - Access Denied
Please try one of the following pages:


May I know whether you have configured any restrictions on your site recently?
Saturday, 28 April 2018 20:32

I have security software running that blocks a few countries. I have lifted the restriction...

The issue right now is that the logout doesn't work, and it returns an invalid token.
Sunday, 29 April 2018 11:13

Thanks for getting back to us,

It seems that your current cache system cached the whole page's HTML on your server. Even though I have never logged in to your site before from another browser, the cached page shows me as logged in to your site.

This is what I see in your site's header information; it shows that your site uses the Sucuri cache system on your server.

X-Firefox-Spdy: h2
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 29 Apr 2018 03:29:29 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Sun, 29 Apr 2018 03:07:01 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 16004
x-xss-protection: 1; mode=block
200 OK


The reason it always hits the error "The most recent request was denied because it had an invalid security token. Please refresh the page and try again." is that for every single login/logout, the system generates a token into the login/logout form as a hidden input.

The tokens are randomized strings that are used to authenticate that the request being made is coming from a valid form and a valid session. This simple measure is very effective at preventing a large percentage of potential CSRF attacks, however, due to the nature of CSRF they are extremely difficult, if not impossible, to secure against completely.

Reference link : https://docs.joomla.org/How_to_add_CSRF_anti-spoofing_to_forms

Once the server caches the HTML content of the page, it caches that token as well, which causes the login/logout issue because the user always uses the same token to authenticate for login and logout.

Can you ask your web hosting provider to temporarily disable the Sucuri cache system first and see whether the issue still persists?
Sunday, 29 April 2018 11:40

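A diagnostic for the cached-token problem described in the reply above, added here as an example and not part of the original thread: it compares the pages two unrelated visitors received and reports any form token they share when the cache answered either request. The hidden-input format (a 32 hex character name with value 1) is assumed to match Joomla's token output, and the sample tokens and responses are constructed.

```python
import re

# Assumed Joomla token markup: <input type="hidden" name="<32 hex>" value="1" />
# (attribute order as the framework emits it).
TOKEN_RE = re.compile(
    r'<input[^>]*type="hidden"[^>]*name="([0-9a-f]{32})"[^>]*value="1"', re.I)


def form_tokens(html):
    """Return the set of anti-CSRF token names embedded in a page."""
    return set(TOKEN_RE.findall(html))


def served_from_cache(headers):
    """True when the edge cache answered; header names are case-insensitive."""
    lowered = {k.lower(): v.strip().upper() for k, v in headers.items()}
    return lowered.get("x-sucuri-cache") == "HIT"


def shared_cached_tokens(resp_a, resp_b):
    """Tokens that two unrelated visitors both received via the cache.

    Each response is (headers, html). A token is bound to one session, so
    any token returned here is rejected for at least one of the visitors.
    """
    (hdr_a, html_a), (hdr_b, html_b) = resp_a, resp_b
    if not (served_from_cache(hdr_a) or served_from_cache(hdr_b)):
        return set()
    return form_tokens(html_a) & form_tokens(html_b)


def page(token):
    """Constructed login form carrying one token."""
    return ('<form action="/login" method="post">'
            f'<input type="hidden" name="{token}" value="1" /></form>')


# Constructed sample data: two visitors, with and without the page cache.
TOKEN_1 = "0123456789abcdef0123456789abcdef"
TOKEN_2 = "fedcba9876543210fedcba9876543210"
VISITOR_A = ({}, page(TOKEN_1))                          # origin rendered it
VISITOR_B = ({"x-sucuri-cache": "HIT"}, page(TOKEN_1))   # cache replayed it
FRESH_A = ({}, page(TOKEN_1))                            # caching excluded
FRESH_B = ({}, page(TOKEN_2))

if __name__ == "__main__":
    print("shared via cache:", shared_cached_tokens(VISITOR_A, VISITOR_B))
    print("after exclusion: ", shared_cached_tokens(FRESH_A, FRESH_B))
```
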
What are the paths from public_html for the login and logbox modules?
Sunday, 29 April 2018 11:47

I think I can work off of the information you listed above...thank you. I can configure so that the login modules aren't cached.
Sunday, 29 April 2018 11:49

Perhaps you can try temporarily turning off your cache system to see whether it is really related to this cache issue; then you only need to exclude the following theme PHP files, which generate that HTML content on the page.

JoomlaFolder/modules/mod_easysocial_login/tmpl/default.php
JoomlaFolder/modules/mod_easysocial_login/tmpl/horizontal.php
JoomlaFolder/components/com_easysocial/themes/wireframe/login/default/default.php
JoomlaFolder/components/com_easysocial/themes/wireframe/dashboard/guests/default.php


Some other file path is generated from the EasySocial login page.
Sunday, 29 April 2018 11:54