Support

 Hi,

A couple of my sites started to send me multiple emails for each IP incursion. 6 or 7 for a single hit is seemed. After reading the forum I noticed in Libraries I had a fof and a f0f folder.

I removed the f0f folder and the duplicate emails stopped. However, I have no black listed IP's since 13/1/17 which seems inconsistent with the usual spammers and login attempts.

I am not sure if I have caused this

Regards

Darrel

Darrel,

The f0f directory was probably obsolete, it is no longer used by Akeeba products. The current folder name for that library is fof30. It is possible that some other third party extension was using it, but not too likely.

Since what you deleted was obsolete for Admin Tools, I don't think that is the cause. It is tough to figure out why you are NOT getting hacked. I would recommend that you keep an eye on the situation to see if it changes. The attacks do ebb and flow, but they are never totally absent for very long.

I just thought of something else. Make sure you didn't rename the main.php file to disable Admin Tools and forget to rename it back and enable it again.

Hi team Akeeba. I reinstalled Admin Tools and that seems to have fixed the triplicate problem.

There is a hidden folder .well-known in sites that have security certificates https://

Any ideas if this should be there?

The .well-known folder is OK. It is used for site verification with Let's Encrypt certificates. It is fairly new, so you may not have seen it before.

Thanks for that

You're welcome!