I'm worried about what I've been finding while bringing Admin Tools up to date.
I've recently been having a spike in login failure security exceptions on one of my sites. My Admin Tools was out of date which I've since updated. I checked my users and there were over 1500 spam users registered. I disabled User Registration and cleared them out; the site does not have a visible User Reg function as it is not needed at this time.
I have auto-backup enabled and just recently updated to Joomla 3.9.16. I noticed the "Default output directory in use" alert and followed the link to the Akeeba help page and I'm in the process of understanding and implementing changing the output directory location.
I run an automated weekly PHP scanner which found 3 new files in the current default backup folder. The scanner gave the files a Threat Score of 5000? The file names are:
administrator/components/com_akeeba/backup/akeeba.backend.id37.log.php 5000 11.6 MB
administrator/components/com_akeeba/backup/akeeba.backend.id36.log.php 5000 11.4 MB
administrator/components/com_akeeba/backup/akeeba.backend.38.log.php 5000 11.4 MB
I've opened them and they appear to be legitimate log files. I browsed through them quickly checking near the beginning and end for obvious hacked injections but nothing stood out to me.
I also saw these files (no extension, 0 KB) in backup as well:
confwiz3vabsV
confwizGMUw6R
confwizJHFM4e
confwizvMHZLg
I suspect they may be associated with the now removed GeoIP s/w, but I'm not sure.
Should I be worried about these files? Is creating a new directory at the root level (same level as public_html) and configuring Akeeba Backup to use it as the output directory?
I will appreciate any insight you guys can provide.
Thanks