Support

All of these attempts to access something on your server are run against inexistent PHP files. Unless you have set up your .htaccess files to redirect 404s of random PHP files to Joomla!, Admin Tools will never run (remember, Admin Tools only runs inside Joomla!, not magically on all requests coming in to your site).

Even if you do that, unless the requests have some malicious payload (they don't) they won't be caught by Admin Tools or any other security component. They are just 404 errors. In fact, these seem to be probing requests, trying to figure out if you have an insecure copy of phpMyAdmin on your server.

Even if the requests carried a malicious payload, the IP would only be blocked if you had enabled the automatic IP blocking feature for Admin Tools. And, of course, only access to Joomla! would have been blocked, not generally on your server.

Admin Tools is not supposed to be a panacea, catching anything and everything. It's a tool to secure Joomla!, only Joomla! and nothing but Joomla!. In order to stop probing attacks like the one you experienced you may need to enable mod_security (an Apache module) on your server and have appropriate rules which block IPs causing too many 404s over a period of time. Admin Tools is a Joomla! extension, therefore it can't provide web server level security.

Hi Fritz,

You're welcome :) I had updated my security talk two months ago to include information about the different kinds of protection you can have on a site (server level, web daemon level, site/.htaccess level, Joomla! level). Security is much more than installing and configuring a security extension. Hopefully, the guys at Joomla! Day France will publish the video of my most recent security presentation in Joomla! Day France 2012 (I speak in English, Yannick of sh404SEF translates to French) and I can link to it :)