Support

Admin Tools

#16849 File Scanner for JS, xml, txt files?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by Chacapamac on Thursday, 25 July 2013 08:30 CDT

Tuesday, 23 July 2013 08:55 CDT

Chacapamac
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: (2.5.11)
PHP version: (5.4)
MySQL version: (unknown)
Host: (Bluehost)
Admin Tools version: (2.5.6)

I see that we can control what files are scanned in the configuration of the PHP File Change Scanner.

I was wondering the impact to add all the normal other type of files you can encounter in a Joomla installation, like pdf, js, xml, .htaccess etc?

Tuesday, 23 July 2013 09:34 CDT

nicholas
The scan will get slower, but you will be safer from malicious PHP code hiding under a false extension. Go ahead and do it!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 23 July 2013 10:31 CDT

Chacapamac
Do I have to enter the extensions like this:

php
ini
htaccess
png
jpg
pdf
js

Or I need to put the dot, comma separated?

Tuesday, 23 July 2013 10:49 CDT

nicholas
One extension per line, without dot. Exactly as you pasted it in your ticket reply above.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 23 July 2013 14:34 CDT

Chacapamac
Thanks
— If it’s more files included in the scan. do the database will become bigger (to big)?

I say that because your system is really keeping the inner code of all files...

Little worry about that...

Tuesday, 23 July 2013 15:56 CDT

nicholas
Fair point. Yes, if you have the calculate diff option enabled the tables get enormous. Turn that option off (by default it's turned off). Still, the database table of the scans will grow BIG. But not as big as the database tables used by Joomla!'s Smart Search. Just for kicks I did an index on a copy of this site. When the db tables reached the size of 3Gb I aborted it thinking "WTF, that's not worth it!". In comparison, the scan table had gotten "big", around 80Mb. Well. Big is a relative term, isn't it?

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 24 July 2013 12:07 CDT

Chacapamac
I Just make the test with
php
ini
htaccess
png
jpg
pdf
js
txt

On a 2.5 web site

The original Database = 2mb

The Database after the scan = 3.7mb for 7699 files

The web site have a total of 14,694 files

Other type of files (9995) are
html
xml
ico
less
css

Do you think I should add them to the scan and what are the possible problems?

Wednesday, 24 July 2013 12:14 CDT

nicholas
Try a scan with the other files as well.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 24 July 2013 13:09 CDT

Chacapamac
I’m not to sure of what I did but....

I trash the first scan to be sure to encompass the maximum of file for the first scan...

I change the config for more type of files

php
html
ico
less
css
js
xml
ini
htaccess
png
jpg
gif
pdf
txt

But I don’t understand the numbers resulting ?????

it say:
11754 Total files scanned
281 modified
283 Possible threats
4055 Added....

I was thinking by trashing the firsts scans that the Total files scanned will be the same as the
Added

My worry here is that I have a repertoire of only 4055 files on the total of files making up the site...

I did something wrong or I don’t understand the numbers

Wednesday, 24 July 2013 14:05 CDT

nicholas
I'm not sure where that Added came from

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 24 July 2013 14:33 CDT

Chacapamac
In Database
admintools_filescache = 11754 entry = Total files Scanned

admintools_scanalerts = 4336 entry

4055 (Added) + 281 (modified) = 4336

Maybe I should delete my existing scan and empty those databases tables and start a new scan to be sure....

I’m not to sure what to think here...

Wednesday, 24 July 2013 15:40 CDT

nicholas
I think emptying the tables would be the best approach.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 25 July 2013 08:30 CDT

Chacapamac
First I Deleted the Scan in Admintools
This action don’t delete the admintools_filescache = 11754 entry = Total files Scanned
But delete the admintools_scanalerts

• I delete (truncate) the entries in admintools_filescache = 0

• Repeat the scan (with all type of files (show here) — Take around 45 minutes

Now (in database):
admintools_filescache = 11754
b]admintools_scanalerts[/b] = 11754

In Admin Tools – PHP File Change Scanner (Control Panel)
Total Files = 11754

Possible Threat = 264

Modified = 0

Added = 11754

Now the 11754 files are in the Report


The original database of 2mb pass to 4.5mb


SOLVED THANKS

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!