Admin Tools 4.0.0.b1 Beta

Released on: 2016-06-22 10:52 CDT

Release highlights

Rewritten using a more modern framework. Admin Tools is now faster to use.

You can export/import WAF Blacklist and Exceptions (always forbidden and always allowed component/view/task access) along with all the other settings.

Highlight the suspicious and malicious matches on the file source in the PHP File Change Scanner results making it easier to understand which parts of each file contribute to its Threat Score.

IP whitelist and blacklist will warn you when the feature is not enabled. Many users were confused as to why the addresses they added in the IP white- or blacklist did not take effect. No more wondering, it will tell you.

Joomla! 3.6 compatibility. Joomla! 3.6 has moved the logs folder inside /administrator. Our software is now adjusted for this change.

URL redirection would issue temporary instead of permanent redirects because of a Joomla bug affacting only Joomla 3.3 and later. We are now working around said Joomla bug.

Joomla's Conservative cache mode is buggy, affecting several features of our component. For example, you could not enter a Download ID, you could not apply the proposed Secret Word and most importanty the component options were reset without warning. We are now asking Joomla to forcibly disable caching for the control panel page of our component.

WAF blacklists were unusable with RegEx matching due to a runaway equals sign. The equals sign was terminated with extreme prejudice.

Joomla! 3.4, 3.5 and 3.6 only

This version of Admin Tools will only work on Joomla 3.4 and later versions, including the upcoming Joomla 3.6 (as far as we can confirm by running it against Joomla! 3.6 beta 1).

We VERY STRONGLY advise you to update to the latest released version of Joomla! at all times. Admin Tools' support for older versions of Joomla! is only meant to be a temporary workaround while you're working on the update of your site.

Please note that we will only provide full support for the latest Joomla! version. Some features may not work at all in older Joomla! versions. We've thoroughly tested the security critical Web Application Firewall features against the supported versions of Joomla! as stated above and found them to be working properly.

PHP 5.4.0 or any later 5.x/7.x version is required

Support for PHP 5.3 is discontinued. It's end of life since August 2014 and widely considered a security risk, unfit for production sites. Our software requries PHP 5.4 or later and is compatible with PHP 5.4, 5.5, 5.6 and 7.0. We strongly recommend using PHP 5.6 or 7.0.

We'd like to remind you that Joomla! 3.4 does NOT support PHP 7. PHP 7 is only supported by Joomla! 3.5.0 and later versions. Admin Tools will work perfectly fine (and very fast!) on a Joomla! 3.5 or later site running on PHP 7.0.

Changelog

Bug fixes

  • [HIGH] Joomla! "Conservative" cache bug: component Options (e.g. Download ID, Secret Word, front-end file scanner feature) would be forgotten on the next page load
  • [HIGH] Joomla! "Conservative" cache bug: you could not apply the proposed Secret Word when prompted
  • [HIGH] Joomla! "Conservative" cache bug: you could not enter the Download ID when prompted
  • [HIGH] WAF Blacklist with RegEx matching would block all requests all the time
  • [LOW] Joomla bug would cause URL redirections to issue HTTP 303 See other (temporary) redirection instead of 301 Moved (permanent) redirection

New features

  • .htaccess / nginx.conf / web.config maker: added .well-known to the default list of allowed access folders for non-PHP files
  • Enabling HSTS in .htaccess Maker will now also avoid unsafe (HTTP) redirections wherever possible and not send the HSTS header over plain HTTP. Does not apply to NginX Conf and web.config Makers. PLEASE READ THE DOCUMENTATION!
  • Highlight the suspicious and malicious matches on the file source in the PHP File Change Scanner results
  • IP blacklist will warn you when the feature is not enabled
  • IP whitelist will warn you when the feature is not enabled
  • Improved detection and removal of duplicate update sites
  • Rewritten using FOF 3.0
  • URL Redirection is now available in the free of charge Core release
  • You can export/import WAF Blacklist and Exceptions (always forbidden and always allowed component/view/task access)

Miscellaneous changes

  • Extremely conservative .htaccess Maker settings applied by the Quick Setup Wizard because people don't bother reading the big, fat warning above the apply button
  • Joomla! 3.6 has moved the logs folder inside /administrator. Our software is now adjusted for this change.
  • Remove obsolete FOF 2.x update site if it exists
  • Warn about eAccelerator
  • Warn about end of life PHP versions

Release files

Admin Tools Core

pkg_admintools-4.0.0.b1-core.zip

918.06 Kb

Joomla! 3.4 Joomla! 3.5 Joomla! 3.6 PHP 5.4 PHP 5.5 PHP 5.6 PHP 7.0

Download now