Support

Admin Tools

#24036 PHP File Change Scanner

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Saturday, 23 January 2016 17:20 CST

Wednesday, 23 December 2015 17:19 CST

billg
 I just purchased Admin Tools and Backup. I have another account that got hacked that I still need to install it on but I started with an account that I don't think is hacked (yet?) that I can't update due to template (that will be a project for next year.)

Meanwhile, the File Change Scanner is brilliant, but it found 314 possible threats, including a lot of Akeeba files! Is there any way to narrow those down to actual threats? Or make them so they don't show up on every scan but retain the data in case I need to go back to check them? Once I install on my other websites I envision thousands of these "threats" showing up and I won't be able to verify every single file.

Thursday, 24 December 2015 03:02 CST

tampe125
Hello William,

I'm sorry but that's not possible, you have to review the results. We are just displaying the probability for a file being malicious, so you have to manually review them. More info on how to read the reports, here

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 24 December 2015 03:12 CST

nicholas
There's a simple way to quickly figure out which of our components' files are safe: go to Components, Akeeba Backup (and Admin Tools etc) and open the component. Wait for 10 seconds. If no Big Red Scary Message appears telling you that your installation is tampered with you can safely assume that the component's files are safe. So just go to the PHP File Scanner and mark them as safe (click on the red icon in the second to right column next to that file). This will reduce the number of files to about half :)

As for the rest of the files I suggest that you follow our documentation instructions. I know that it's a tedious job but you only need to do it once. Afterwards you can just run a scan after updating Joomla! and/or its extensions and mark all new and modified files as safe. This way any changed / unsafe files in intermediate scans are guaranteed to be actual issues (hacked files) instead of false positives.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Saturday, 23 January 2016 17:20 CST

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
Edited by on 2016-01-23 17:20 CST

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!