Forbidden message in some Joomla administrator options

[mcmweb80]

Hello everyone, I'm new to this forum, but I'm writing because I don't have a way to solve this:
I upgraded 1 week ago (16-August) the site from J 3.10.12 to J 4.3.3, and now I have problems when I need to perform certain actions in the admin, I get the Forbidden message, and it leaves me disabled the whole website for a few seconds (approximately 30).

I give an example of some URLs from where I have had the problem:

administrator/index.php?option=com_checkin
administrator/index.php?option=com_config
administrator/index.php?option=com_installer&view=database
administrator/index.php?option=com_installer&view=warnings

We have contracted a shared cPanel hosting, and as a comment, it has active mod_security, mod_evasive.

[24-Aug-2023 16:57:12 UTC] PHP Warning: Undefined array key

Joomla! Instance :: Joomla! 4.3.3-Stable (Bora) 11-July-2023
Joomla! Configured :: Yes | Read-Only (444) |
Configuration Options :: Offline: false | SEF: true | SEF Suffix: false | SEF ReWrite: false | .htaccess/web.config: Yes | GZip: true | Cache: true | CacheTime: 15 | CacheHandler: file | CachePlatformPrefix: false | FTP Layer: false | Proxy: false | LiveSite: | Session lifetime: 15 | Session handler: database | Shared sessions: false | SSL: 0 | Error Reporting: default | Site Debug: false | Language Debug: false | Default Access: Public | Unicode Slugs: false | dbConnection Type: mysqli | PHP Supports J! 4.3.3: Yes | Database Supports J! 4.3.3: Yes | Database Credentials Present: Yes |

Host Configuration :: OS: Linux | OS Version: 3.10.0-1160.49.1.el7.x86_64 | Technology: x86_64 | Web Server: Server | Encoding: | System TMP Writable: Yes | Free Disk Space : 608.02 GiB |

PHP Configuration :: Version: 8.0.30 | PHP API: fpm-fcgi | Session Path Writable: Yes | Display Errors: 0 | Error Reporting: 32759 | Log Errors To: /home/inocar/logs/inocar_mil_ec.php.error.log | Last Known Error: 24th August 2023 17:03:54. | Register Globals: | Magic Quotes: | Safe Mode: | Allow url fopen: 1 | Open Base: | Uploads: 1 | Max. Upload Size: 30M | Max. POST Size: 30M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 64M

Database Configuration :: Version: 5.7.43 (Client:mysqlnd 8.0.30) | Database Size: 255.53 MiB | #of Tables with config prefix:  155 | #of other Tables:  0 | User Privileges : GRANT ALL

PHP Extensions :: Core (8.0.30) | date (8.0.30) | libxml (8.0.30) | openssl (8.0.30) | pcre (8.0.30) | zlib (8.0.30) | filter (8.0.30) | hash (8.0.30) | json (8.0.30) | pcntl (8.0.30) | Reflection (8.0.30) | SPL (8.0.30) | session (8.0.30) | standard (8.0.30) | cgi-fcgi (8.0.30) | bcmath (8.0.30) | calendar (8.0.30) | ctype (8.0.30) | curl (8.0.30) | dom (20031129) | fileinfo (8.0.30) | ftp (8.0.30) | gd (8.0.30) | iconv (8.0.30) | imap (8.0.30) | mbstring (8.0.30) | mysqlnd (mysqlnd 8.0.30) | PDO (8.0.30) | Phar (8.0.30) | posix (8.0.30) | SimpleXML (8.0.30) | sockets (8.0.30) | sqlite3 (8.0.30) | tokenizer (8.0.30) | xml (8.0.30) | xmlwriter (8.0.30) | xsl (8.0.30) | zip (1.19.5) | mysqli (8.0.30) | pdo_mysql (8.0.30) | pdo_sqlite (8.0.30) | xmlreader (8.0.30) | Zend Engine (4.0.30) |
Potential Missing Extensions ::
Disabled Functions :: exec | passthru | shell_exec | system |

Switch User Environment :: PHP CGI: Yes | Server SU: No | PHP SU: Yes | Potential Ownership Issues: No

Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) | administrator/logs/ (---) | api/ (755) |

Elevated Permissions (First 10) ::

Database statistics :: Uptime: 140155 | Threads: 1 | Questions: 2877632 | Slow queries: 0 | Opens: 36429 | Flush tables: 1 | Open tables: 1998 | Queries per second avg: 20.531 |

Components :: Site ::
Core ::
3rd Party:: WF_AGGREGATOR_DAILYMOTION_TITLE (2.9.39) ? | WF_AGGREGATOR_VIMEO_TITLE (2.9.39) ? | WF_AGGREGATOR_[youtube]_TITLE (2.9.39) ? | WF_AGGREGATOR_AUDIO_TITLE (2.9.39) ? | WF_AGGREGATOR_VIDEO_TITLE (2.9.39) ? | WF_FILESYSTEM_JOOMLA_TITLE (2.9.39) ? | WF_LINKS_JOOMLALINKS_TITLE (2.9.39) ? | WF_POPUPS_JCEMEDIABOX_TITLE (2.9.39) ? | WF_LINK_SEARCH_TITLE (2.9.39) ? | WF_ANCHOR_TITLE (2.9.39) ? | WF_ARTICLE_TITLE (2.9.39) ? | WF_AUTOSAVE_TITLE (2.9.39) ? | WF_BROWSER_TITLE (2.9.39) ? | WF_CHARMAP_TITLE (2.9.39) ? | WF_CLEANUP_TITLE (2.9.39) ? | WF_CLIPBOARD_TITLE (2.9.39) ? | WF_CONTEXTMENU_TITLE (2.9.39) ? | WF_DIRECTIONALITY_TITLE (2.9.39) ? | WF_EMOTIONS_TITLE (2.9.39) ? | WF_FONTCOLOR_TITLE (2.9.39) ? | WF_FONTSELECT_TITLE (2.9.39) ? | WF_FONTSIZESELECT_TITLE (2.9.39) ? | WF_FORMATSELECT_TITLE (2.9.39) ? | WF_FULLSCREEN_TITLE (2.9.39) ? | WF_HR_TITLE (2.9.39) ? | WF_IMGMANAGER_TITLE (2.9.39) ? | WF_KITCHENSINK_TITLE (2.9.39) ? | WF_LAYER_TITLE (2.7.10) ? | WF_LINK_TITLE (2.9.39) ? | WF_LISTS_TITLE (2.9.39) ? | WF_MEDIA_TITLE (2.9.39) ? | WF_NONBREAKING_TITLE (2.9.39) ? | WF_PREVIEW_TITLE (2.9.39) ? | WF_PRINT_TITLE (2.9.39) ? | WF_SEARCHREPLACE_TITLE (2.9.39) ? | WF_SOURCE_TITLE (2.9.39) ? | WF_SPELLCHECKER_TITLE (2.9.39) ? | WF_STYLE_TITLE (2.9.39) ? | WF_STYLESELECT_TITLE (2.9.39) ? | WF_TABLE_TITLE (2.9.39) ? | WF_TEXTCASE_TITLE (2.9.39) ? | WF_VISUALBLOCKS_TITLE (2.9.39) ? | WF_VISUALCHARS_TITLE (2.9.39) ? | WF_WORDCOUNT_TITLE (2.9.39) ? | WF_XHTMLXTRAS_TITLE (2.9.30) ? | WF_HELP_TITLE (2.9.39) ? | JCE - Noneditable (1.0.0) ? | WF_ATTRIBUTES_TITLE (2.9.39) ? | WF_LANGCODE_TITLE (2.9.39) ? | WF_REFERENCE_TITLE (2.9.39) ? |

Components :: Admin ::
Core :: com_actionlogs (3.9.0) 1 | com_admin (4.0.0) 1 | com_ajax (4.0.0) 1 | com_associations (4.0.0) 1 | com_banners (4.0.0) 1 | com_cache (4.0.0) 1 | com_categories (4.0.0) 1 | com_checkin (4.0.0) 1 | com_config (4.0.0) 1 | com_content (4.0.0) 1 | com_contenthistory (4.0.0) 1 | com_cpanel (4.0.0) 1 | com_fields (4.0.0) 1 | com_finder (4.0.0) 1 | com_installer (4.0.0) 1 | com_joomlaupdate (4.0.3) 1 | com_languages (4.0.0) 1 | com_login (4.0.0) 1 | com_media (3.0.0) 1 | com_menus (4.0.0) 1 | com_messages (4.0.0) 1 | com_modules (4.0.0) 1 | com_newsfeeds (4.0.0) 1 | com_plugins (4.0.0) 1 | com_postinstall (4.0.0) 1 | com_privacy (3.9.0) 1 | com_redirect (4.0.0) 1 | com_search (3.0.0) 1 | com_tags (4.0.0) 1 | com_templates (4.0.0) 1 | com_users (4.0.0) 1 | com_weblinks (2.5.0) 1 | com_guidedtours (4.3.0) 1 | com_workflow (4.0.0) 1 | com_scheduler (4.1.0) 1 | com_wrapper (4.0.0) 1 | com_mails (4.0.0) 1 |
3rd Party:: Akeeba (8.3.3) 1 | COM_ALLVIDEOSHARE (3.1.0) 0 | com_bfstop (1.4.4) 0 | ChronoForms (4.0) 1 | com_djimageslider (4.1.1) 0 | HD FLV Player (2.0) 1 | ImageShow (4.9.1) 0 | ImageShow (4.9.1) 0 | COM_JCE (2.9.39) 1 | Jumi (3.0.5) 1 | System - Jumi (3.0.5) 0 | System - Jumi Router (3.0.5) 0 | com_jumi (3.0.5) 0 | COM_K2 (2.9.0) 1 | com_phocadownload (4.0.6) 1 | com_phocamaps (3.0.5) 0 | COM_SIGPRO (3.0.3) ? | mod_sliderck (1.1.7) 1 | com_sliderck (1.0.8) 1 | wmt_flow_slider (1.0.0) 1 | COM_[youtube] (3.4.6) 0 | Slideshow CK (2.4.1) 1 | com_slideshowck (2.4.1) 1 |

Modules :: Site ::
Core :: mod_articles_archive (3.0.0) 1 | mod_articles_categories (3.0.0) 1 | mod_articles_category (3.0.0) 1 | mod_articles_latest (3.0.0) 1 | mod_articles_news (3.0.0) 1 | mod_articles_popular (3.0.0) 1 | mod_banners (3.0.0) 1 | mod_breadcrumbs (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_finder (3.0.0) 1 | mod_footer (3.0.0) 1 | mod_languages (3.5.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_random_image (3.0.0) 1 | mod_related_items (3.0.0) 1 | mod_search (3.0.0) 1 | mod_stats (3.0.0) 1 | mod_syndicate (3.0.0) 1 | mod_tags_popular (3.1.0) 1 | mod_tags_similar (3.1.0) 1 | mod_users_latest (3.0.0) 1 | mod_weblinks (2.5.0) 1 | mod_whosonline (3.0.0) 1 | mod_wrapper (3.0.0) 1 |
3rd Party:: All Video Share - Gallery (3.1.0) 0 | All Video Share - Player (3.1.0) 0 | All Video Share - Search (3.1.0) 0 | BT Content Slider (2.3.11) 1 | Date2 (2.3.39b) 0 | DJ-ImageSlider (4.1.1) 0 | Easy Facebook Embedded Videos (1.0.1) 0 | MOD_FANCYPANTSACCORDION (3.0) 1 | FavPromote (2.2) 0 | FavSlider Responsive Slideshow (2.2) 0 | Flexi Custom Code (2.1) 1 | HD FLV Player (2.0) 1 | JSN ImageShow (4.9.1) 1 | JA Content Slider (2.5.4) 1 | JA News Featured (2.5.1) 1 | JA News Pro Module (2.5.2) 1 | mod_jm_articles_category (1.04) 1 | Jumi (3.0.5) 1 | Tabs & Sliders (by JoomlaWorks) (2.0) ? | K2 Comments (2.9.0) 1 | K2 Content (2.9.0) 0 | K2 Tools (2.9.0) 1 | K2 User (2.9.0) 1 | K2 Users (2.9.0) 1 | Phoca Download Section Menu Module (1.3.5) 1 | JW Player Module (3.12.0) 1 | PopUp Aholic (1.3.4) 0 | Sj Popup (1.0.0) 0 | mod_sliderck (1.1.7) 1 | Slideshow CK (2.4.1) 1 | Social Media Icon Links (1.6.0) 0 | SP Accordion module (2.7.0) 1 | SP Features (1.0) 1 | SP Simple [youtube] (1.7) 0 | SP Smart Slider (2.4) 1 | Vinaora Visitors Counter (2.5.1) 0 | [youtube] Gallery Module (3.4.6) 0 | ZT Visitor Counter module (1.0.0) 0 | MOD_VISITORCOUNTER (3.3.2-FREE) 1 |

Modules :: Admin ::
Core :: mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_latest (3.0.0) 1 | mod_latestactions (3.9.0) 1 | mod_logged (3.0.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_multilangstatus (3.0.0) 1 | mod_popular (3.0.0) 1 | mod_privacy_dashboard (3.9.0) 1 | mod_quickicon (3.0.0) 1 | mod_sampledata (3.8.0) 1 | mod_stats_admin (3.0.0) 1 | mod_submenu (3.0.0) 1 | mod_title (3.0.0) 1 | mod_toolbar (3.0.0) 1 | mod_version (3.0.0) 1 | mod_privacy_status (4.0.0) 1 | mod_frontend (4.0.0) 1 | mod_user (4.0.0) 1 | mod_messages (4.0.0) 1 | mod_post_installation_messages (4.0.0) 1 | mod_loginsupport (4.0.0) 1 | mod_guidedtours (4.3.0) 1 |
3rd Party:: JSN ImageShow Quick Icons (4.9.1) 1 | K2 Quick Icons (admin) (2.9.0) 1 | K2 Stats (admin) (2.9.0) 1 | Reset Hits module (3.3.0) 0 |

Libraries ::
Core ::
3rd Party:: file_fof40 (4.1.3) ? | Regular Labs Library (23.7.24631) 1 |

Plugins ::
Core :: plg_actionlog_joomla (3.9.0) 1 | plg_authentication_cookie (3.0.0) 1 | plg_authentication_joomla (3.0.0) 1 | plg_authentication_ldap (3.0.0) 0 | plg_captcha_recaptcha (3.4.0) 1 | plg_captcha_recaptcha_invisible (3.8) 0 | plg_content_confirmconsent (3.9.0) 0 | plg_content_emailcloak (3.0.0) 1 | plg_content_fields (3.7.0) 1 | plg_content_finder (3.0.0) 1 | plg_content_geshi (2.5.0) 0 | plg_content_joomla (3.0.0) 1 | plg_content_loadmodule (3.0.0) 1 | plg_content_pagebreak (3.0.0) 1 | plg_content_pagenavigation (3.0.0) 1 | plg_content_vote (3.0.0) 1 | plg_editors-xtd_article (3.0.0) 1 | plg_editors-xtd_fields (3.7.0) 1 | plg_editors-xtd_image (3.0.0) 1 | plg_editors-xtd_menu (3.7.0) 1 | plg_editors-xtd_module (3.5.0) 0 | plg_editors-xtd_pagebreak (3.0.0) 1 | plg_editors-xtd_readmore (3.0.0) 1 | plg_extension_joomla (3.0.0) 1 | plg_extension_namespacemap (4.0.0) 1 | plg_extension_finder (4.0.0) 1 | plg_fields_calendar (3.7.0) 1 | plg_fields_checkboxes (3.7.0) 1 | plg_fields_color (3.7.0) 1 | plg_fields_editor (3.7.0) 1 | plg_fields_imagelist (3.7.0) 1 | plg_fields_integer (3.7.0) 1 | plg_fields_list (3.7.0) 1 | plg_fields_media (3.7.0) 1 | plg_fields_radio (3.7.0) 1 | plg_fields_sql (3.7.0) 1 | plg_fields_text (3.7.0) 1 | plg_fields_textarea (3.7.0) 1 | plg_fields_url (3.7.0) 1 | plg_fields_user (3.7.0) 1 | plg_fields_usergrouplist (3.7.0) 1 | plg_fields_subform (4.0.0) 1 | plg_finder_categories (3.0.0) 1 | plg_finder_contacts (3.0.0) 1 | plg_finder_content (3.0.0) 1 | plg_finder_newsfeeds (3.0.0) 1 | plg_finder_tags (3.0.0) 1 | plg_finder_weblinks (2.5.0) 1 | plg_installer_folderinstaller (3.6.0) 1 | plg_installer_packageinstaller (3.6.0) 1 | plg_installer_urlinstaller (3.6.0) 1 | plg_installer_webinstaller (4.0.0) 1 | plg_installer_override (4.0.0) 1 | plg_privacy_actionlogs (3.9.0) 1 | plg_privacy_consents (3.9.0) 1 | plg_privacy_content (3.9.0) 1 | plg_privacy_message (3.9.0) 1 | plg_privacy_user (3.9.0) 1 | plg_quickicon_extensionupdate (3.0.0) 1 | plg_quickicon_joomlaupdate (3.0.0) 1 | plg_quickicon_phpversioncheck (3.7.0) 1 | plg_quickicon_privacycheck (3.9.0) 1 | plg_quickicon_downloadkey (4.0.0) 1 | plg_quickicon_overridecheck (4.0.0) 1 | plg_sampledata_multilang (4.0.0) 1 | plg_search_categories (3.0.0) 1 | plg_search_contacts (3.0.0) 1 | plg_search_content (3.0.0) 1 | plg_search_newsfeeds (3.0.0) 1 | plg_search_tags (3.0.0) 0 | plg_search_weblinks (2.5.0) 1 | plg_system_actionlogs (3.9.0) 0 | plg_system_cache (3.0.0) 0 | plg_system_debug (3.0.0) 1 | plg_system_fields (3.7.0) 1 | plg_system_highlight (3.0.0) 1 | JA Typo (2.5.7) 0 | plg_system_languagecode (3.0.0) 1 | plg_system_languagefilter (3.0.0) 0 | plg_system_log (3.0.0) 1 | plg_system_logout (3.0.0) 1 | plg_system_logrotation (3.9.0) 1 | plg_system_privacyconsent (3.9.0) 0 | plg_system_redirect (3.0.0) 1 | plg_system_remember (3.0.0) 1 | plg_system_sef (3.0.0) 1 | plg_system_sessiongc (3.8.6) 1 | plg_system_stats (3.5.0) 1 | plg_system_updatenotification (3.5.0) 1 | plg_system_task_notification (4.1) 1 | plg_system_httpheaders (4.0.0) 0 | plg_system_webauthn (4.0.0) 1 | plg_system_accessibility (4.0.0) 0 | plg_system_jooa11y (4.2.0) 1 | plg_system_guidedtours (4.3.0) 1 | plg_system_schedulerunner (4.1) 1 | plg_system_shortcut (4.2.0) 1 | plg_system_skipto (4.0.0) 1 | plg_user_contactcreator (3.0.0) 0 | plg_user_joomla (3.0.0) 1 | plg_user_profile (3.0.0) 0 | plg_user_terms (3.9.0) 0 | plg_user_token (3.9.0) 1 | plg_media-action_crop (4.0.0) 1 | plg_media-action_resize (4.0.0) 1 | plg_media-action_rotate (4.0.0) 1 | plg_multifactorauth_email (4.2.0) 0 | plg_multifactorauth_webauthn (4.2.0) 0 | plg_multifactorauth_fixed (4.2.0) 0 | plg_multifactorauth_yubikey (3.2.0) 0 | plg_multifactorauth_totp (3.2.0) 0 | plg_task_requests (4.1) 1 | plg_task_demo_tasks (4.1) 1 | plg_task_check_files (4.1) 1 | plg_task_site_status (4.1) 1 | plg_api-authentication_token (4.0.0) 1 | plg_api-authentication_basic (4.0.0) 0 | plg_filesystem_local (4.0.0) 1 | plg_behaviour_taggable (4.0.0) 1 | plg_behaviour_versionable (4.0.0) 1 | plg_webservices_content (4.0.0) 1 | plg_webservices_users (4.0.0) 1 | plg_webservices_templates (4.0.0) 1 | plg_webservices_media (4.1.0) 1 | plg_webservices_messages (4.0.0) 1 | plg_webservices_config (4.0.0) 1 | plg_webservices_installer (4.0.0) 1 | plg_webservices_menus (4.0.0) 1 | plg_webservices_modules (4.0.0) 1 | plg_webservices_redirect (4.0.0) 1 | plg_webservices_languages (4.0.0) 1 | plg_webservices_banners (4.0.0) 1 | plg_webservices_newsfeeds (4.0.0) 1 | plg_webservices_tags (4.0.0) 1 | plg_webservices_privacy (4.0.0) 1 | plg_webservices_plugins (4.0.0) 1 | plg_workflow_notification (4.0.0) 1 | plg_workflow_publishing (4.0.0) 1 | plg_workflow_featuring (4.0.0) 1 |
3rd Party:: PLG_ACTIONLOG_AKEEBABACKUP (8.3.3) 0 | Helix3 - Ajax (3.0.4) 1 | DirectPHP (2.5) 0 | All Video Share - Player (3.1.0) 0 | chronoforms (V4 RC3.0) 0 | HD FLV Player (2.0) 1 | plg_imageresizer (1.0 Radius) 0 | Content - JSN ImageShow (4.9.1) 0 | plg_content_jce (2.9.39) 1 | AllVideos (by JoomlaWorks) (6.1.0) 0 | AllVideos (by JoomlaWorks) (6.1.0) 0 | Content - Simple Image Gallery Pro (3.0.3) ? | Tabs & Sliders [for articles] ( (2.7) ? | Content - Load Module in Article (3.1.0) 1 | plg_content_mavikthumbnails (0.9.9.8) 0 | PLG_CONTENT_[youtube] (4.0.1) 0 | pdf_embed (2.0) 1 | Content - perchaiframe (0.2) 0 | plg_content_phocadownload (2.1.6) 0 | Phoca Maps Plugin (2.0.5) 0 | Content - JA Thumbnail (2.5.1) 0 | PLG_CONTENT_[youtube] (2.2.2) 0 | Content - [youtube] Gallery (3.4.6) 0 | Simple Image Gallery (by JoomlaWork (4.2) ? | Simple Image Gallery (by JoomlaWork (4.2) ? | Button - ImageShow (4.9.1) 0 | Editor Button - JA Typo Button (2.6.0) 0 | Button - Simple Image Gallery Pro (3.0.3) 0 | PLG_EDITORS-XTD_MODALS (12.4.0) 0 | PLG_EDITORS-XTD_MODULESANYWHERE (7.17.0) 0 | plg_editors-xtd_phocadownload (2.1.4) 0 | PLG_EDITORS-XTD_SOURCERER (9.6.0) 1 | PLG_EDITORS-XTD_TABSACCORDIONS (1.4.0) 1 | plg_editors_codemirror (5.65.12) 1 | plg_editors_jce (2.9.39) 1 | plg_editors_tinymce (5.10.7) 1 | plg_extension_jce (2.9.39) 1 | plg_fields_mediajce (2.9.39) 1 | plg_finder_k2 (2.9.0) 0 | plg_installer_jce (2.9.39) 1 | Josetta - K2 Categories (2.6.8) 0 | Josetta - K2 Items (2.6.8) 0 | Source Picasa (1.1.7) 1 | Theme Classic (1.3.4) 1 | Theme Slider (1.2.1) 1 | Inteliar Magnific Popup Image Galle (0.1) ? | K2 - Simple Image Gallery Pro (3.0.3) 0 | plg_quickicon_jce (2.9.39) 1 | plg_quickicon_akeebabackup (8.3.3) 1 | Search - All Video Share (3.1.0) 0 | Search - K2 (2.9.0) 0 | System - Accordion Plant Light (1.2.3) 0 | plg_system_bfstop (1.4.4) 0 | PLG_EASYERRORREPORTING (3.1.2) 0 | System - Helix3 Framework (3.0.4) 1 | System - Helix Ultimate Framework (2.0.14) 1 | System - JSN ImageShow (4.9.1) 0 | ImageSizer (2.5.0) 0 | System - JA Popup (2.5.3) 0 | JA T3 Framework (2.7.5) 0 | plg_system_jce (2.9.39) 0 | plg_system_jcemediabox (2.1.3) 0 | plg_system_jsnframework (1.3.0) 0 | plg_system_jsntplframework (3.2.0) 0 | System - Jumi (3.0.5) 0 | System - Jumi Router (3.0.5) 0 | System - K2 (2.9.0) 0 | PLG_LAZYLOADFORJOOMLA (3.4.1) 0 | plg_sytem_marcosinterceptor (1.6) 0 | PLG_SYSTEM_MODALS (12.4.0) 0 | PLG_SYSTEM_MODULESANYWHERE (7.17.0) 0 | plg_system_nnframework (100.0.0PRO) 0 | System - Google Maps (3.2) 0 | PLG_SYSTEM_REGULARLABS (23.7.24631) 1 | PLG_SYSTEM_SOURCERER (9.6.0) 1 | T3 Framework (2.7.0) 0 | plg_vvisit_counter (2.5.0) 0 | System - ZT Visitor Counter plugin (1.0.0) 0 | plg_system_osmylicensesmanager (2.0.15) 0 | PLG_SYSTEM_AKVERSIONCHECK (8.3.3) 1 | PLG_SYSTEM_BACKUPONUPDATE (8.3.3) 1 | PLG_SYSTEM_TABSACCORDIONS (1.4.0) 1 | User - K2 (2.9.0) 0 | User mail restriction (1.0.0) 0 | User mail restriction (1.0.0) 0 |

Templates :: Site :: atomic (2.5.0) 1 | beez5 (2.5.0) 1 | beez_20 (2.5.0) 1 | Favourite (4.1) 0 | forte (1.0) 1 | ja_elastica (2.5.7) 1 | jsn_boot_pro (3.1.0) 1 | jsn_escape_free (2.1.0) 1 | Plain Design (2.0) 1 | shaper_helix3 (3.0.3) 1 | shaper_helix3 (2.5.2) 1 | shaper_helixultimate (1.0.1) 1 | tk_gen_free_ii (2.0.0) 1 | cassiopeia (1.0) 1 |
Templates :: Admin :: bluestork (2.5.0) 1 | atum (1.0) 1 |

[ceford]

Your Memory Limit is too small - it should be 256M or more. The 30 second outage may be related to your Max Execution Time - but don't change that - something else is wrong. It may be related to JavaScript. Open your browser Developer Tools and see if there are any console errors when you reload those faulty pages.

[mcmweb80]

Your Memory Limit is too small - it should be 256M or more. The 30 second outage may be related to your Max Execution Time - but don't change that - something else is wrong. It may be related to JavaScript. Open your browser Developer Tools and see if there are any console errors when you reload those faulty pages.

Greetings again.
Reviewing the page with the developer, I noticed that after logging into the administrator, the browser Developer Tools console appears as Forbidden:

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

administrator/index.php?option=com_installer&task=update.getMenuBadgeData&format=json

Also, I could see from a previous forum post (viewtopic.php?t=1001198):

One of the main bugs was the debug mode causes Memory exhausted errors after a while specifically on the first administrator/index.php?option=com_cpanel&view=cpanel&dashboard=system page on the getMenuBadgeData Ajax calls. This only happens with debug mode enabled and was repeatable in my tests, but as it's an Ajax request I doubt anyone else is going to notice this or report it.

So given this situation, how could you advise me to solve the Forbidden problem?

[mcmweb80]

Your Memory Limit is too small - it should be 256M or more. The 30 second outage may be related to your Max Execution Time - but don't change that - something else is wrong. It may be related to JavaScript. Open your browser Developer Tools and see if there are any console errors when you reload those faulty pages.

Sorry I forgot to mention that this points to the file:

media/system/js/core.min.js

[Mr. Wimpy]

Not sure what certain actions are, but...

...your extensions are not up-to-date, and...
...templates from J2.5 are still there

- Update extensions
- Uninstall unused extensions, including templates, languages etc

FYI: K2 is (still) not compatible with J4

[ceford]

You can use the line you reported directly in your browser:

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

For me it returns:

{"success":true,"message":null,"messages":null,"data":""}

The code that creates the message you see occurs in a number of places. This is one instance:

Code: Select all

        if (!$this->app->getIdentity()->authorise('core.manage', 'com_installer')) {
            throw new \Exception(Text::_('JGLOBAL_AUTH_ACCESS_DENIED'));
        }

So either, your session has expired so you have been logged out, or you are using an account that does not have permission to do updates, or there is something wrong with your permissions.

Check your Global Permissions and your Installer Permissions.

[mcmweb80]

You can use the line you reported directly in your browser:

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

For me it returns:

{"success":true,"message":null,"messages":null,"data":""}

The code that creates the message you see occurs in a number of places. This is one instance:

Code: Select all

        if (!$this->app->getIdentity()->authorise('core.manage', 'com_installer')) {
            throw new \Exception(Text::_('JGLOBAL_AUTH_ACCESS_DENIED'));
        }

So either, your session has expired so you have been logged out, or you are using an account that does not have permission to do updates, or there is something wrong with your permissions.

Check your Global Permissions and your Installer Permissions.

Greetings.

As recommended, I increased the memory to 256M.
The Forbidden message keeps coming up, and I can't perform certain actions on the website as I'm afraid it will crash.

I must indicate that everything was done with the super user.
I have checked the global permissions, and all the actions are inherited, except the super user that is allowed.

Regarding the installer permissions: they are all inherited.

Now I ask, is it okay how I have the permissions configured or not? In Joomla 3 I definitely never had these problems.

Thank you for your answers.

[Lara1John]

If you're encountering a "Forbidden" message in some Joomla administrator options, it usually indicates a permission issue. This error typically occurs when the user account you're using doesn't have the necessary permissions to access or perform certain actions in the Joomla administration panel.

Here are some steps you can take to troubleshoot and resolve this issue:

• Check User Permissions:

Ensure that the user account you're using has the appropriate permissions to access the specific administrator options. Joomla provides different user groups with varying levels of access. Make sure your user account is part of a group that has the necessary privileges.

• Super User Account:

If you're using a user account with super user (administrator) privileges, ensure that no changes have been made to its permissions that might be causing the issue.

• Global Configuration:

Log in with a super user account and go to "System" > "Global Configuration." Check the "Permissions" tab to ensure that the correct user groups have access to different sections of the administrator panel.

• Extension Permissions:

If the issue is related to a specific extension or component, check its permissions settings. Many extensions have their own access control settings that can be adjusted from the "Options" or "Permissions" section of the extension.

• Cache and Cookies:

Clear your browser's cache and cookies. Sometimes, stored data can cause unexpected issues with accessing certain parts of the administrator panel.

• File and Folder Permissions:

Incorrect file and folder permissions can also lead to access issues. Make sure the Joomla files and directories have the correct permissions set. Generally, directories should have a permission of 755, and files should have a permission of 644.

[Webdongle]

"PHP Warning: Undefined array key " is a clue. Looks like something is trying to get a value from the database where there is no value or something is trying to get a null value.

From the Templates you have your Joomla has been migrated from 2.x at some stage. Uninstall the old Templates the try reinstall core files (in Joomla update). The try Discover.

[mcmweb80]

You can use the line you reported directly in your browser:

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

For me it returns:

{"success":true,"message":null,"messages":null,"data":""}

The code that creates the message you see occurs in a number of places. This is one instance:

Code: Select all

        if (!$this->app->getIdentity()->authorise('core.manage', 'com_installer')) {
            throw new \Exception(Text::_('JGLOBAL_AUTH_ACCESS_DENIED'));
        }

So either, your session has expired so you have been logged out, or you are using an account that does not have permission to do updates, or there is something wrong with your permissions.

Check your Global Permissions and your Installer Permissions.

Greetings.

As recommended, I increased the memory to 256M.
The Forbidden message keeps coming up, and I can't perform certain actions on the website as I'm afraid it will crash.

I must indicate that everything was done with the super user.
I have checked the global permissions, and all the actions are inherited, except the super user that is allowed.

Regarding the installer permissions: they are all inherited.

Now I ask, is it okay how I have the permissions configured or not? In Joomla 3 I definitely never had these problems.

Thank you for your answers.

Hi, thanks for your response.
As you indicate, can I execute this line directly in the browser, without it giving me any problems?:
administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

As I already wrote above, I increased the memory, but the problem persists.

[mcmweb80]

"PHP Warning: Undefined array key " is a clue. Looks like something is trying to get a value from the database where there is no value or something is trying to get a null value.

From the Templates you have your Joomla has been migrated from 2.x at some stage. Uninstall the old Templates the try reinstall core files (in Joomla update). The try Discover.

Hi, thanks for your response.
I am not very sure how to reinstall the Joomla core files, and even more so, I am afraid that it will cause a failure that will render the entire website inactive.

On the other hand, I ask: is it necessary to use the .htaccess file that comes by default now that I upgraded to Joomla 4?

I am using an .htaccess file that I had in Joomla 3 version, and it never gave me any problems.

If so, should I use the new version 4 .htaccess file?

[Webdongle]

...
I am not very sure how to reinstall the Joomla core files, and even more so, I am afraid that it will cause a failure that will render the entire website inactive....

Joomla update component >>> reinstall core files. No it will not break your site.

[Per Yngve Berg]

Yes, the .htaccess file in J4 is very different from the one in J3.

Forbidden messages are caused by rules in mod_security. Your host should be able to examine the logs and correct the rule.

[mcmweb80]

...
I am not very sure how to reinstall the Joomla core files, and even more so, I am afraid that it will cause a failure that will render the entire website inactive....

Joomla update component >>> reinstall core files. No it will not break your site.

Hello.

I am not presented with that option.
Is there a way to activate it?

[Webdongle]

Sorry forgot to say you need to click to check for update first.

update 01.JPG

update 02.JPG

[mcmweb80]

Greetings to all.

Is it advisable to use the htaccess file that comes with the Joomla 4 installation?

What I'm trying to find out is if I should use the htaccess.txt file and name it .htaccess

The issue with the Forbidden in the admin area persists!

[ceford]

For Joomla 4 - Yes. This article was last update in March 2023: https://docs.joomla.org/Preconfigured_htaccess

I read somewhere that you should always review your .htacess file after a Major/Minor upgrade but I don't remember where.

[mcmweb80]

For Joomla 4 - Yes. This article was last update in March 2023: https://docs.joomla.org/Preconfigured_htaccess

I read somewhere that you should always review your .htacess file after a Major/Minor upgrade but I don't remember where.

greetings again.

I am using the .htaccess file that comes with the Joomla 4 installation, and it works fine on the website.
The problem is still the Forbidden in the administrator.

When I examine the error it gives me the URL:

administrator/index.php?option=com_installer&task=discover.getMenuBadgeData&format=json

I get to a line of code from the file

/media/system/js/core.min.js which is where the error is:

Code: Select all

if (o.onBefore && !1 === o.onBefore.call(window, n))
                     return o.promise && t.call(window, n),
                     n;
                 n.send(o.data)

I have already followed the solutions that have been indicated to me here, and nothing works.
Well, the only thing I haven't done yet is reinstall the Joomla core files.

[Per Yngve Berg]

https://www.inmotionhosting.com/support ... important/

[mcmweb80]

greetings

My problem persists and I still haven't found the solution.
I have checked with my hosting provider, and there are no records of mod_security blocking any actions.
I've read some of the new https headers that Joomla 4 has implemented, and I'm wondering if it's necessary to activate them or not.

Is this perhaps causing the error message or not?

My entire website works fine, I balance the Forbidden that appears at certain times in the administration area.

[ceford]

Have you tried this yet?

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

Set Debug System to Yes and Error Reporting to Maximum and see what it says.

[mcmweb80]

Have you tried this yet?

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

Set Debug System to Yes and Error Reporting to Maximum and see what it says.

Greetings.

When I activate the options you indicate, the Joomla console appears, but I don't see anything suspicious.

If I access the address:

Code: Select all

administrator/index.php?option=com_joomlaupdate&task=getMenuBadgeData&format=json

No message is displayed, since I am not inside the Joomla console, but in the browser it shows me what the image shows:

json.JPG

On the other hand, I see the Forbidden message in the Developer Tools browser console, and it appears like this:

forbidden.JPG

I do not continue executing after that, since the Forbidden message appears in the browser, and causes the site to be down for approximately 30 to 40 seconds.

[ceford]

Your screenshot shows that you have a plugin that is triggering an Akeeba backup before update. It says you can disable the plugin. Maybe you should take a backup manually. Then disable the plugin and try Update again. I do not use Akeeba backup myself so maybe someone else can chip in with further advice.