Support

Hello, I read the section on PHP file scanning and am getting a different result than expected on some websites. Some websites show zero modified files even after many weeks between scans. Other sites show them between consecutive scans one after another.

This is the documentation that is confusing me.

When a file change is detected. A file change is detected only if the file is added or modified since the immediately previous scan. This means that if you scan now, modify a PHP file and scan again, it will show up as modified. If you perform a third scan right after the second one, the file will NOT be reported as changed. This is normal! The file was changed between the first and second scan, but not between the second and third scan.

Here's the result I am looking at for the site that keeps showing modified files.


A site that does not.


Also on the site that is showing modified on every scan I have enabled DIFF but opening the report and clicking on a file I see no link to the changes.

If you have enabled the diff feature in the component's configuration page and this is a Modified file, you will also see the Diff to the previous version pane. On this pane you will see the consolidated differences between the scanned file and its previous state.

Thank you

That was my goal by trying to compare the diffs in these. I just launched the site yesterday so I am fairly certain it has not been compromised in any way?

Where can I see the file changes if they are modified as it states. Or am I not understanding the documentation that says you can see the changes in the files marked modified.

Also why are some sites that have been up for years not showing anything (all zeros)

Thank you

In view report I select "Modified" from the selection dropdown and it shows No records found

The page showing the scans shows 96 modified for that scan but the report shows no modified records. I am confused.

Another part of my confusion is the difference between different sites. The site from the screenshot above shows a scan that was from a Joomla 2.5 site and the last one was after it was upgraded to Joomla 3 with over a year between scans. How could zero files have been modified?

Thanks for your patience.

That worked one time and now it's back to reporting the 96 modified.

Still very confused how one site over a year old has never had a modified file when new site has 96 in a month.

I guess I'll just leave it at AT is protecting my site and file scanner makes no sense to me.

Thanks for your help.

No worries, just checking due to the JoomDonation issue. I don't think I have any issues related to these hackers. It's just some fear tactics.

Thanks