Admin Tools 3.0.0 Stable

Released on: 2014-05-06 03:38 CDT

Release highlights

A better, more stable way to install and update the database tables. Previous versions were using the database installation and update code in Joomla! itself which was notoriously buggy and resulted in erratic behaviour. In this release we use our own database installer / updater for the base tables of our component. Unfortunately, due to the rules in the Joomla! Extensions Directory, we still have to rely on Joomla!'s code for the administrator menu item creation which may cause no menu item appearing under components on very few sites. We are aware of it, we know how to fix it, but we are not allowed to on penalty of being permanently banned from the directory!

Show the update information in the control panel page. In the previous version we introduced the integration with Joomla!'s own extensions updater. Unfortunately you could no longer see the update information in the component's control panel page. This version fixes it and allows you to force-reload the update information if you need to as Joomla! no longer lets you do that in the latest 3.x versions (for no good reason, really).

Some features not shown on servers which don't support them to prevent confusion. Namely the "Emergency off-line", ".htaccess Maker" and "Password-protect administrator" are not shown on servers which are known to not support .htaccess files. Also the "Permissions Configuration" and "Fix Permissions" features are not shown on Windows servers as the notion of permissions does not exist there. Please remember that when Admin Tools is not absolutely sure it will display the feature anyway!

NginX Configuration Maker brings the power of the .htaccess Maker to the high-performance NginX server! The generated configuration can be added manually to your nginx.conf file or a file can be written in your web root to be included by NginX (note: only the first option is considered secure).

Option to reset Joomla!'s Two Factor Authentication when a user resets their password. Sometimes users who have enabled the Two Factor Authentication (TFA) features on Joomla! 3.2 and later lose their device. Normally they have to go through a site administrator to have them manually deactivate the TFA. With this option the TFA is disabled following a successful password reset of the user account. It's less secure but more convenient.

ON POPULAR REQUEST: Added template emails for security exceptions notifications. You can now have a different email sent out depending on the security exception type. You can also define rate limits for emails so that your inbox doesn't get flooded when you're under attack by a botnet that Admin Tools is successfully coping with.

ON POPULAR REQUEST: Repeated auto-bans can lead to permanent ban. If an IP is constantly triggering the automatic IP ban feature it can get permanently banned, i.e. added to the IP Blacklist. You can configure if and when this will happen.

Forbid HTTP TRACE and TRACK methods (XST protection). One more protection added to .htaccess and NginX Configuration Maker, this time preventing Cross Site Tracking attacks which tend to leave no traces in your server access logs.

Away schedule. Block access to the administrator section of your site between certain times of the day. Useful if you are the sole administrator of a site and don't want hackers to have a chance of logging in while you are fast asleep.

ON POPULAR REQUEST: Admin cloaking. Admin Tools can cloak your administrator URL. Going directly to http://www.example.com/administrator will throw you back to the site's main page (and a security exception will be logged). Instead, going to http://www.example.com/mysecret (where mysecret is configurable) will allow you to see the administrator login page.

...plus the usual refinements and bug fixes!

Important note regarding Joomla! updates

Admin Tools 2.5.7 and later no longer includes the Joomla! Updater feature and the Joomla! update icon notification plugin. As the core Joomla! Update component and icon notification plugin, written by our team and donated to the Joomla! project, have a very slow release cycle we decided to release an improved Joomla! update component called Akeeba CMS Update. It is available free of charge.

Changelog

Bug fixes

  • [HIGH] Accessing the component fails on Joomla! 3.2.x if the core database has not been updated
  • [HIGH] The Published field of Redirect URLs was not respected
  • [LOW] Uncatchable Joomla! warning appears in .htaccess Maker when creating .htaccess and a .htaccess file doesn't already exist
  • [LOW] We should not ask users of the Core version to install the GeoIP plugin
  • [MEDIUM] Updating the GeoIP database throw a fatal error when the GeoIP library has not been loaded

New features

  • Allow the user to forcibly reload the update information from the component's control panel page
  • Automatically reorder the plugin to be the first published system plugin when you access the component's control panel page
  • Automatically repair Admin Tools' database tables in case of an update going wrong
  • Database table installation, uninstallation and update is now handled by our own code instead of the unreliable JInstaller code
  • Do not show the "Emergency off-line" and "Password-protect administrator" on servers which do not support .htaccess files
  • Do not show the "Permissions Configuration" and "Fix Permissions" features on Windows servers as the notion of permissions does not exist there
  • Show update information in the component's control panel page
  • [PRO] Added "Away schedule" feature
  • [PRO] Added template emails for security exceptions notifications
  • [PRO] Admin Tools will notify you whether .htaccess / NginX Configuration Maker are supported on your server
  • [PRO] Forbid HTTP TRACE and TRACK methods (XST protection)
  • [PRO] NginX Configuration Maker brings the power of the .htaccess Maker to the high-performance NginX server!
  • [PRO] Option to reset Joomla!'s Two Factor Authentication when a user resets their password
  • [PRO] Repeated auto-bans lead to permanent ban (configurable)

Miscellaneous changes

  • Joomla! 3.x was missing icon classes for some core buttons, e.g. the Back button.
  • Replaced calls to JRequest with calls to JInput

Release files

Admin Tools Core

com_admintools-3.0.0-core.zip

1.03 Mb

PHP 5.3 PHP 5.4 PHP 5.5 Joomla! 2.5 Joomla! 3.2

Download now