Backports release

This version backports select features we created for and bugfixes we made to our Joomla! 4/5 version of Admin Tools in the last two years. It should help you keep your Joomla! 3 sites safer for a little bit longer, despite the fact that Joomla! 3 has gone out of support since August 2023.

Changelog

New features

• Allow Site Templates now also checks for valid template styles
• Block Suspicious Core Parameters feature
• Detect and import PHP version directives into the .htaccess Maker
• Improve HSTS support with an option which adds "includeSubDomains; preload" to the header
• ItemIDShield to protect against malformed Itemid URL parameters
• Only show warning to regenerate the server configuration file if it was generated by Admin Tools to begin with
• PHP File Change Scanner: options to scan double extensions and case-insensitive extensions
• Session Cleaner: remove database records created by Joomla! even when using a session handler other than Database
• Support bCrypt encryption for Administrator Password Protection on Apache 2.4+
• Workaround for hosts with Apache installations which do not understand the If directive

Removed features

• Joomla! 3 End of Life information
• PHP End of Life information

Bug fixes

• [HIGH] NginX Conf Maker: Backend protection would make backend unavailable in newer NginX versions
• [LOW] Double Gzip/Brotli compression for some core Joomla! files when both compression algorithms are supported
• [LOW] PHP deprecated notice about implicit float to integer conversion on PHP File Change Scanner (no functional issue)
• [LOW] opcache_invalidate may not invalidate a file
• [MEDIUM] PHP File Change Scanner fails when the MySQL packet size is too small (e.g. 1MiB) when scanning big files (>400KiB) with Calculate File Diffs enabled

Miscellaneous changes

• Updated list of user agents to block