Automatic security check of the backup output directory.
We have detailed the security considerations for the backup output directory since 2007. Unfortunately, we still
see (very few) people run Akeeba Backup with a web-readable backup output directory which can be a security issue,
especially if you're using non-encrypted archives (JPA and ZIP). Starting with this version, Akeeba Backup will
evaluate the security of your backup output directory and offer to fix it for you. Moreover, you will automatically
get [RANDOM] (a random, 16 alphanumeric character string) appended to the end of the backup archive's
name whenever Akeeba Backup is not entirely convinced about the security of your output directory and always for
new installations.
Improved storage of temporary data and logs. We have removed the database storage option for temporary data stored while the backup is in progress. That was a leftover from the early days of the software back in 2007 to 2009. The server landscape has changed, making this option irrelevant. Furthermore, the log file and the “memory file” used by Akeeba Backup now has a .php extension and starts with a die statement, making it inaccessible from the web even if your backup output directory doesn't follow our security best practices. This significantly increases the security of your backup software installation even on the rare servers where the automatic security check (see above) can't make the directory inaccessible over the web.
Refactored JavaScript with automatic bundling. We have rewritten our JavaScript to use little-to-no inline scripts, instead passing runtime parameters using a JSON document embedded in the head of the HTML output – this is what Joomla calls “script options”. Moreover, we are creating an on-the-fly JavaScript bundle file which will increase the performance of the application on slow connections with a relatively high ping time e.g. slow mobile connections, satelite Internet and Internet connections in rural or underserved areas around the world.
Bug fixes and miscellaneous improvements. We regularly make changes to our backup software to address known issues and improve existing features with small tweaks that don't get an explicit mention in these release notes. Please consult the changelog below.
We only officially support the latest stable branch of Joomla!. At the time of this writing it is Joomla! 3.9.
Our software should still run on Joomla! 3.8. That version are not actively supported by us or the Joomla! project anymore. We strongly advise you to run the latest available version of Joomla! for security reasons. Older versions of Joomla! have known major security issues which are being actively exploited to hack sites.
We only officially support using our software with PHP 5.6, 7.2, 7.3 or 7.4.
Our software should still run on PHP 7.0 and 7.1 but we are no longer testing our software with this PHP version or consider it a supported environment for our software.
We strongly advise you to run either of the two latest available version branches of PHP on a branch currently maintained by the PHP project for security and performance reasons. Older versions of PHP have known major security issues which are being actively exploited to hack sites and they have stopped receiving security updates, leaving you exposed to these issues. Moreover, they are slower, therefore consuming more server resources to perform the same tasks.
Kindly note that our policy is to officially support only the PHP versions which are not yet End Of Life per the official PHP project with a voluntarily extension of support for 6 to 9 months after they become End of Life. After that time we stop providing any support for these obsolete versions of PHP without any further notice. New version branches of PHP will be supported experimentally starting sometime during their Release Candidate phase and fully about 4 to 8 weeks after the first stable version of that branch is released.