What's new?

Backend management tables multiple row select and column hiding support. All backend views displaying a table of item now support the standard core Joomla! admin table features. You can select which columns to hide using the Columns dropdown above the table. You can make multiple row selections by holding down SHIFT, or CTRL (Windows, Linux) / CMD (macOS) while clicking on any empty space anywhere in the row. A little thing which will make management of long lists, like the IP blocks and log entries, easier.

Automatically delete Temporary Super Users no longer linked to Joomla users. The Temporary Super Users feature was only deleting temporary Super Users either when they were expired, or when you deleted the user through Joomla's Users page while the System - Admin Tools plugin is enabled. If you deleted the user externally (e.g. directly from the database, or while the System - Admin Tools plugin is disabled) a confusing record with no username displayed was left behind. Trying to edit it would just throw an error. These records are now deleted automatically, and if you see one it won't be breaking the application when you try to edit it.

Accurate PHP CLI path in the PHP File Change Scanner Scheduling page. In the past we were using a generic placeholder /path/to/php or C:\path\to\php to indicate that you needed to replace this with the path to PHP CLI given to you by your host. Unfortunately, many hosts have under-trained first level support staff which can't provide this information, and does not understand the difference between PHP CLI and PHP CGI. We have now added code which tries to identify the PHP CLI binary automatically using our experience of where these files are usually to be found on a very large sample of live and local server environments across all major operating systems (Windows, Linux, macOS, FreeBSD etc.). In most cases, the command line you are given will be one that you can just copy and paste into your host's CRON management page without having to do any thinking, or contacting your host. Simplicity, yay!

Added support for multiple email addresses inside WAF configuration. You can now add multiple email recipients in WAF features which accept an email address.

Password hashing algorithm selection for password-protect admin folder. The default password hashing algorithm has been downgraded from bCrypt to APR-1 for the Password-protect Administrator Directory feature. This makes it compatible with more hosts, e.g. CloudAccess. If your host supports bCrypt-hashed passwords in Apache (you can ask them!) you can manually choose the more secure hashing algorithm when setting up the administrator directory password protection. The other options there should not be necessary on any host with an Apache version released this past decade. We include them for completeness only, not expecting you to actually use them.

Workaround for Joomla! 5.2 broken mail template layout. Joomla! 5.2 introduced the new Mail Template Layout feature. Unfortunately, this feature is breaking URLs in emails by prefixing them with the site's URL even if they are absolute URLs. Something like https://www.akeeba.com will turn into this jumbled mess https://www.example.com/https://www.akeeba.com. This happens to all URLs in anchor (), link, and a few other HTML tags and affects all URLs which come from an email template variable – even those in mail templates of core Joomla! components such as the users component (think account activation, username reminders, password reset, etc). There was simple no QA done before the release of Joomla! 5.2. While we cannot fix Joomla! 5.2 ourselves and we cannot ask our clients to disable the Mail Template Layout feature (it is a nice feature, despite its shoddy implementation), we can work around the problems it brought with it. We added this workaround, as well as a toggle in the component's Options in case you need to disable this workaround, presumably when Joomla finally addresses this issue.