Page 1 of 1

[Solved] 403 Access Denied while adding a new admin user.

Posted: Thu Dec 26, 2013 5:13 pm
by wtfnowagain
Hello Joomla Community,

trying to add a new user in Joomla 3.2.1 to either the Manager, Administrator or Super Users groups fails with 403 Access Denied. Although I'm logged in as Super User.

Any ideas how to get around this problem? I.e. how to add a newly created user to one of the groups?

An other odd thing is: Being logged in as Super User, opening the (currently logged in) Super User profile in User Manager and pushing the "Close" button also displays the same 403 Access Denied error message.

Looks like there's something broken. Is there any way to fix this?
Any advice is welcome.
Thank you.

Re: 403 Access Denied while adding a new admin user.

Posted: Thu Dec 26, 2013 5:19 pm
by Webdongle

Re: 403 Access Denied while adding a new admin user.

Posted: Thu Dec 26, 2013 11:29 pm
by wtfnowagain
Hello Webdongle,

thank you for pointing to Forum Post Assistant. Below follows the output of Forum Post Assistant 1.2.3 (Beta). If it's of any help, I can supply a super user login to a backup running on a testserver.

Forum Post Assistant (v1.2.3) : 27th December 2013 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 3.2.1-Stable (Ember) 18-December-2013
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Writable (644) | Owner: fundri (uid: 1/gid: 1) | Group: users (gid: 1) | Valid For: Unknown
Configuration Options :: Offline: | SEF: | SEF Suffix: | SEF ReWrite: | .htaccess/web.config: Yes | GZip: | Cache: | FTP Layer: | SSL: | Error Reporting: | Site Debug: | Language Debug: | Default Access: | Unicode Slugs: | Database Credentials Present: No

Host Configuration :: OS: Linux | OS Version: 2.6.32-5-amd64 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: /usr/www/users/fundri | System TMP Writable: Yes

PHP Configuration :: Version: 5.3.28 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 6135 | Log Errors To: | Last Known Error: | Register Globals: 0 | Magic Quotes: 0 | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 30M | Max. POST Size: 30M | Max. Input Time: -1 | Max. Execution Time: 55 | Memory Limit: 64M

MySQL Configuration :: Database Credentials incomplete or not available Nothing to display.
Missing credentials detected: Connection Type missing | MySQL Host missing | Table Prefix missing | Database Username missing | Database Password missing |
Detailed Environment :: wrote:PHP Extensions :: Core (5.3.28) | date (5.3.28) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dba () | dom (20031129) | hash (1.0) | fileinfo (1.0.5-dev) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | htscanner (0.9.1-dev) | iconv () | session () | intl (1.1.0) | json (1.2.1) | ldap () | mbstring () | mcrypt () | mssql () | mysql (1.0) | mysqli (0.1) | pcntl () | standard (5.3.28) | PDO (1.0.4dev) | pdo_mysql (1.0.2) | pdo_pgsql (1.0.2) | pdo_sqlite (1.0.1) | pgsql () | Phar (2.0.1) | posix () | Reflection ($Id: 4af6c4c676864b1c0bfa693845af0688645c37cf $) | imap () | shmop () | SimpleXML (0.1) | soap () | sockets () | SQLite (2.0-dev) | exif (1.4 $Id$) | sysvsem () | sysvshm () | tidy (2.0) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | mhash () | Zend Guard Loader () | Zend Engine (2.3.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::
Extensions Discovered :: wrote:Components :: SITE :: com_wrapper (3.0.0) | K2 Links for JCE Link (2.2) | WF_LINKS_JOOMLALINKS_TITLE (2.3.4.4) | WF_FILESYSTEM_JOOMLA_TITLE (2.3.4.4) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.3.4.4) | WF_POPUPS_JCEMEDIABOX_TITLE (2.3.4.4) | WF_POPUPS_WINDOW_TITLE (2.3.4.4) | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.4.4) | WF_AGGREGATOR_VINE_TITLE (2.3.4.4) | WF_AGGREGATOR_VIMEO_TITLE (2.3.4.4) | WF_AGGREGATOR_[youtube]_TITLE (2.3.4.4) | WF_LINK_SEARCH_TITLE (2.3.4.4) | WF_TABLE_TITLE (2.3.4.4) | WF_IMGMANAGER_TITLE (2.3.4.4) | WF_VISUALCHARS_TITLE (2.3.4.4) | WF_ARTICLE_TITLE (2.3.4.4) | WF_FULLSCREEN_TITLE (2.3.4.4) | WF_VISUALBLOCKS_TITLE (2.3.4.4) | WF_BROWSER_TITLE (2.3.4.4) | WF_MEDIA_TITLE (2.3.4.4) | WF_LINK_TITLE (2.3.4.4) | WF_SOURCE_TITLE (2.3.4.4) | WF_KITCHENSINK_TITLE (2.3.4.4) | WF_INLINEPOPUPS_TITLE (2.3.4.4) | WF_STYLE_TITLE (2.3.4.4) | WF_LAYER_TITLE (2.3.4.4) | WF_ANCHOR_TITLE (2.3.4.4) | WF_PRINT_TITLE (2.3.4.4) | WF_DIRECTIONALITY_TITLE (2.3.4.4) | WF_CHARMAP_TITLE (2.3.4.4) | WF_CLEANUP_TITLE (2.3.4.4) | WF_CLIPBOARD_TITLE (2.3.4.4) | WF_SPELLCHECKER_TITLE (2.3.4.4) | WF_AUTOSAVE_TITLE (2.3.4.4) | WF_CONTEXTMENU_TITLE (2.3.4.4) | WF_PREVIEW_TITLE (2.3.4.4) | WF_TEXTCASE_TITLE (2.3.4.4) | WF_LISTS_TITLE (2.3.4.4) | WF_NONBREAKING_TITLE (2.3.4.4) | WF_XHTMLXTRAS_TITLE (2.3.4.4) | WF_SEARCHREPLACE_TITLE (2.3.4.4) | com_mailto (3.0.0) |
Components :: ADMIN :: com_menus (3.0.0) | com_ajax (3.2.0) | com_templates (3.0.0) | com_search (3.0.0) | com_redirect (3.0.0) | com_tags (3.1.0) | com_newsfeeds (3.0.0) | com_finder (3.0.0) | com_advancedmodules (4.8.3FREE) | com_admin (3.0.0) | com_cpanel (3.0.0) | com_categories (3.0.0) | com_login (3.0.0) | Unknown (-) | JCE (2.3.4.4) | com_cache (3.0.0) | com_postinstall (3.2.0) | com_weblinks (3.0.0) | JMap (2.0.2) | Akeeba (3.9.1) | Admintools (2.5.10) | com_media (3.0.0) | com_messages (3.0.0) | sh404SEF (4.2.1.1586) | sh404sef - Offline code plugin (4.2.1.1586) | sh404sef - Analytics plugin (4.2.1.1586) | sh404sef - Similar urls plugin (4.2.1.1586) | PLG_SH404SEFCORE_SH404SEFSOCIA (4.2.1.1586) | sh404sef - System mobile templ (4.2.1.1586) | sh404sef - System plugin (4.2.1.1586) | plg_system_shlib (0.2.5.357) | sh404sef - Default component s (4.2.1.1586) | sh404sef control panel icon (4.2.1.1586) | com_languages (3.0.0) | com_joomlaupdate (3.0.0) | RokSprocket (2.0.5) | RSForm! (1.4.0 R48) | com_config (3.0.0) | com_checkin (3.0.0) | com_content (3.0.0) | com_installer (3.0.0) | com_modules (3.0.0) | com_users (3.0.0) | com_contenthistory (3.2.0) | com_banners (3.0.0) | ose_rc (3.0.4) | com_plugins (3.0.0) | Gantry (4.1.20) |

Modules :: SITE :: mod_whosonline (3.0.0) | mod_login (3.0.0) | mod_menu (3.0.0) | mod_search (3.0.0) | mod_articles_news (3.0.0) | mod_random_image (3.0.0) | mod_articles_category (3.0.0) | mod_custom (3.0.0) | mod_finder (3.0.0) | mod_breadcrumbs (3.0.0) | mod_tags_popular (3.1.0) | mod_related_items (3.0.0) | mod_footer (3.0.0) | mod_articles_categories (3.0.0) | mod_syndicate (3.0.0) | RokSprocket Module (2.0.5) | mod_weblinks (3.0.0) | mod_articles_popular (3.0.0) | mod_articles_latest (3.0.0) | RokNavMenu (2.0.7) | mod_tags_similar (3.1.0) | mod_feed (3.0.0) | mod_articles_archive (3.0.0) | mod_stats (3.0.0) | mod_users_latest (3.0.0) | mod_languages (3.0.0) | mod_wrapper (3.0.0) | mod_banners (3.0.0) |
Modules :: ADMIN :: mod_login (3.0.0) | mod_menu (3.0.0) | mod_custom (3.0.0) | sh404sef control panel icon (4.2.1.1586) | mod_version (3.0.0) | mod_title (3.0.0) | mod_status (3.0.0) | mod_toolbar (3.0.0) | MOD_AKADMIN_TITLE (3.9.1) | mod_feed (3.0.0) | mod_submenu (3.0.0) | mod_logged (3.0.0) | mod_quickicon (3.0.0) | mod_popular (3.0.0) | mod_latest (3.0.0) | mod_stats_admin (3.0.0) | mod_multilangstatus (3.0.0) |

Plugins :: SITE :: plg_extension_joomla (3.0.0) | plg_captcha_recaptcha (3.0.0) | sh404sef - Offline code plugin (4.2.1.1586) | sh404sef - Analytics plugin (4.2.1.1586) | sh404sef - Similar urls plugin (4.2.1.1586) | PLG_SH404SEFCORE_SH404SEFSOCIA (4.2.1.1586) | Authentication - OSE Webmail (2.72) | plg_authentication_ldap (3.0.0) | plg_authentication_gmail (3.0.0) | plg_authentication_cookie (3.0.0) | plg_authentication_joomla (3.0.0) | plg_system_debug (3.0.0) | System - RokCommon (3.1.7) | System - Gantry (4.1.20) | System - RokSprocket (2.0.5) | plg_system_languagecode (3.0.0) | System - Admin Tools Joomla! U (1.0) | sh404sef - System mobile templ (4.2.1.1586) | sh404sef - System plugin (4.2.1.1586) | System - Admin Tools (2.5.10) | plg_system_shlib (0.2.5.357) | plg_system_logout (3.0.0) | System - One Click Action (2.1) | plg_system_highlight (3.0.0) | plg_system_log (3.0.0) | plg_system_sef (3.0.0) | plg_system_remember (3.0.0) | PLG_SRP_TITLE (3.9.1) | PLG_SYSTEM_BACKUPONUPDATE_TITL (3.7) | plg_system_advancedmodules (4.8.3FREE) | PLG_SYSTEM_AKEEBAUPDATECHECK_T (1.1) | PLG_SYSTEM_NNFRAMEWORK (13.12.4) | plg_system_p3p (3.0.0) | System - RokExtender (2.0.0) | System - RokBox (2.0.6) | plg_system_redirect (3.0.0) | PLG_SYSTEM_AKLAZY_TITLE (3.7.GOODBYE) | plg_system_cache (3.0.0) | System - Admin Tools Update Em (1.0) | plg_system_languagefilter (3.0.0) | plg_editors_jce (2.3.4.4) | plg_editors_codemirror (3.15) | plg_editors_tinymce (4.0.10) | plg_content_vote (3.0.0) | plg_content_emailcloak (3.0.0) | Content - RokInjectModule (1.5) | Content - RSForm! Pro (1.4.0) | plg_content_pagebreak (3.0.0) | plg_content_loadmodule (3.0.0) | plg_content_joomla (3.0.0) | plg_content_pagenavigation (3.0.0) | plg_content_finder (3.0.0) | Content - RokBox (2.0.6) | sh404sef - Default component s (4.2.1.1586) | plg_user_profile (3.0.0) | plg_user_contactcreator (3.0.0) | plg_user_joomla (3.0.0) | User - OSE Webmail (2.1) | plg_quickicon_jcefilebrowser (2.3.4.4) | plg_quickicon_akeebabackup (1.0) | plg_quickicon_extensionupdate (3.0.0) | plg_quickicon_joomlaupdate (3.0.0) | plg_twofactorauth_totp (3.2.0) | plg_twofactorauth_yubikey (3.2.0) | plg_editors-xtd_article (3.0.0) | plg_editors-xtd_readmore (3.0.0) | plg_editors-xtd_pagebreak (3.0.0) | plg_editors-xtd_image (3.0.0) | Button - RokBox (2.0.6) | plg_installer_webinstaller (1.0.5) | plg_search_newsfeeds (3.0.0) | plg_search_weblinks (3.0.0) | plg_search_categories (3.0.0) | plg_search_contacts (3.0.0) | plg_search_content (3.0.0) | plg_finder_newsfeeds (3.0.0) | plg_finder_weblinks (3.0.0) | plg_finder_categories (3.0.0) | plg_finder_contacts (3.0.0) | plg_finder_tags (3.0.0) | plg_finder_content (3.0.0) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) |
Templates Discovered :: wrote:Templates :: SITE :: protostar (1.0) | beez3 (3.1.0) | rt_hexeris (1.2) |
Templates :: ADMIN :: hathor (3.0.0) | isis (1.0) |

Re: 403 Access Denied while adding a new admin user.

Posted: Fri Dec 27, 2013 1:12 am
by Webdongle
If you want to PM me a SU login I will take a quick firsthand look

Re: 403 Access Denied while adding a new admin user.

Posted: Fri Dec 27, 2013 9:04 am
by geekette
I notice that you have Akeeba Admin Tools installed. I experienced similar errors that I traced to how I had configured the Akeeba Admin Tools WAF (Web Application Firewall).

From the Administrator panel, go to Components->Admin Tools->Web Application Firewall->Configure WAF. Scroll down to the Joomla! Feature Hardening Options section. If the Disable editing backend users' properties field is set to Yes that may be your problem.

Re: 403 Access Denied while adding a new admin user.

Posted: Sat Dec 28, 2013 5:57 pm
by wtfnowagain
If the Disable editing backend users' properties field is set to Yes that may be your problem.
@geekette, thank you very much for sharing this, it solved the problem!

Re: 403 Access Denied while adding a new admin user.

Posted: Tue Jan 07, 2014 12:29 pm
by exigo5
geekette wrote:From the Administrator panel, go to Components->Admin Tools->Web Application Firewall->Configure WAF. Scroll down to the Joomla! Feature Hardening Options section. If the Disable editing backend users' properties field is set to Yes that may be your problem.
Thanks!

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Wed Jul 02, 2014 9:44 am
by snowden
I have the same problem, running Joomla 2.5 but when I open "Components" I can't see "Admin tools" :(
Any ideas how I can get to the "Disable editing back end"

Thanks

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Fri Aug 22, 2014 10:21 am
by geekette
If you don't have admin tools installed, your problem may be something else. First Step, verify that your login has Super User rights and that those rights haven't been modified from the default.

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Thu Jan 08, 2015 8:46 pm
by johnlanglois2
Geekette, thank you for posting your note.
It saved me a lot of time.

Re: 403 Access Denied while adding a new admin user.

Posted: Sat Jan 10, 2015 9:55 pm
by Mr_Anonymous
geekette wrote:I notice that you have Akeeba Admin Tools installed. I experienced similar errors that I traced to how I had configured the Akeeba Admin Tools WAF (Web Application Firewall).

From the Administrator panel, go to Components->Admin Tools->Web Application Firewall->Configure WAF. Scroll down to the Joomla! Feature Hardening Options section. If the Disable editing backend users' properties field is set to Yes that may be your problem.
Thank you so much. That helped me big time and I no way would have thought of this. Also I found other errors that were being caused by WAF setting which I was able to resolve too. Thanks for the spot on cause for this error. :)

Re: 403 Access Denied while adding a new admin user.

Posted: Fri Feb 06, 2015 11:45 am
by esskay303
geekette wrote: From the Administrator panel, go to Components->Admin Tools->Web Application Firewall->Configure WAF. Scroll down to the Joomla! Feature Hardening Options section. If the Disable editing backend users' properties field is set to Yes that may be your problem.
@ geekette Thanks for the tip...This solution has fixed my problem too....

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Thu Feb 26, 2015 9:23 pm
by cbahiana
Thank you so much, geekette, I was having that problem and you saved me!

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Wed Mar 04, 2015 4:18 pm
by bigdogcomm
Same problem solved! Had to change setting in Akeeba Admin Tools. Noticing the original post was Dec. 2013. And here it is helping so many in March 2015.

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Sat May 02, 2015 9:22 am
by Vaconi
Thanks Geekette, that was a real timesaver!

Re: [Solved] 403 Access Denied while adding a new admin user

Posted: Mon Jan 18, 2016 11:28 am
by Kjersti_H
Thank you, thank you, thank you, Geekette! You really saved my day. :)

Re: [Solved] 403 Access Denied while adding a new admin user.

Posted: Wed May 10, 2017 8:52 pm
by stogilon
Thanks Geekette!! Saved me from putting my fist through the wall!

Re: 403 Access Denied while adding a new admin user.

Posted: Fri Jan 05, 2018 5:19 am
by breeze29
geekette wrote:I notice that you have Akeeba Admin Tools installed. I experienced similar errors that I traced to how I had configured the Akeeba Admin Tools WAF (Web Application Firewall).

From the Administrator panel, go to Components->Admin Tools->Web Application Firewall->Configure WAF. Scroll down to the Joomla! Feature Hardening Options section. If the Disable editing backend users' properties field is set to Yes that may be your problem.
Thanks geekette. This resolved the issue for me.

Re: [Solved] 403 Access Denied while adding a new admin user.

Posted: Wed Oct 30, 2019 2:04 am
by abighowdy
I know this is an old post, but had the same problem and didn't have Admin Tools installed.
I was using a third party plugin to create and register users. When the user clicked the email activation link, it gave the 403 error. What I found is, even though I was creating the user, Joomla wasn't configured to allow the activation. I found I had not enabled the 'Allow User Registration' setting in Users->Options
Once I selected 'Yes' to this option, the email activation link worked.

Re: [Solved] 403 Access Denied while adding a new admin user.

Posted: Mon Jan 13, 2020 4:32 pm
by alteredegg
Thanks abighowdy; that fixed it for me. I thought AdminTools was the problem for sure.