Thank you for that in depth less on the behavior of modern operating systems and browsers. I certainly learned much more than I expected in response to my little problem.
However, your explanation fails to explain why
- this happens after my client logs in to the admin backend of this (test Joomla 4.2) system but does not happen when I log in to the same system.
- this never happened to the client on their Joomla 3.10.11 live system.
- this has never happened on any Joomla system on which I have worked ever - in the last 15 years or so.
I have never routinely closed each browser tab after I've finished a Joomla admin session - I rarely remember to log out. I had never seen this behavior previously. and I cannot stimulate Admin Tools to behave this way after my admin sessions.
It occurred to me that I had forgotten that I had made some changes to the Admin Tools test site in order to reduce attempts by unkn own actors from Eastern Europe and Asia to log in to this test system. The autoban parameters were originally set to detect 3 failed log in attempts within one minute - presumably to catch bot based hack attempts. (I had not chosen those values; they were set that way on the live site before I became involved with this client.) The hack attempts I was observing were much more spread out - one every ten minutes or even longer intervals. In response, I had modified Admin Tools to autoban an IP address from which a failed log in occurred five times in one hour. This DID seem to correspond to when this problem started.
Therefore, I have changed the Admin Tools autoban parameters back to their original values (3 failed attempts within one minute) and this behavior has completely stopped.There are no more failed ghost logins attempts being reported via emails nor in the logs. I asked the client to ensure that they log in, start an editing session (JCE editor) and walk away. No failed ghost log in attempts are reported. To be fair, before I remembered having changed the Admin Tools parameters, I also asked them to open a new browser tab, log in to the Joomla backend , start a JCE editor session, wait five minutes, close the editor session, log out of Joomla and finally close the browser tab. That also seemed to eliminate the issue of these failed ghost logins - as you had described they would - and should.
However, I am afraid I do not see any obvious logical connection between those parameter settings and the behavior I wrote about. And, if I am following your detailed explanation of why that behavior MUST occur, I don't see how changing those parameters to the original values would stop that behavior - in addition to why the behavior never occurred after my own logins.
I can certainly live with the Admin Tools settings as they are - but I think the mystery of exactly what causes these ghost log in attempts (either only when the client - a System Admin - logs in or not when I - a System Admin - log in ) remains unsolved. I very much appreciate that you are a very busy guy focussed on managing some of the most complex, capable, and important extensions for Joomla, so I would be happy to offer any help I can to help find the underlying cause(s) of this problem. I have some ideas about things to test and as i get results from those tests I will, if you'd like share them with you.
For example, set the Admin Tools parameters back to 5 failures within an hour; create a new System Admin user.; log in using those credentials and see if the ghost login return. And see how if extending the autoban faied logins period to any value longer than the system's sesion length parameter will cause this problem (of course, only for some groups of logged in users and not others). And see if reducing the the Admin Tools failed logins period to shorter than the system session time will stop the failed ghost log ins.
As you can see, unlike you, I suspect that the failed ghost logins may be related to Admin Tools behaviour - with its fingers apparently deep into the bowels of Joomla, and the web server (and maybe the browsers' behaviors?) - holds the key to this mysterious behaviour. With the millions of Joomla sites out there and the tens or hundreds of thousands of Admin Tools tistes out there, almost all of them I'd expect leaving the autoban parameters at default values, I am not surprised that this problem has not reared its ugly head previously - or at least that you haven't receieve a log of reports of it. Leaving things as they are, seems to me to be waiting for a disaster, one with a small probability of ever occuring, to occur "big time" at some time in a future release or update of Joomla or of Admin Tools. It would be better to completely understand what is going on now, when you have only my report in addition to a small number of others about this failed ghost login behavior then to wait until things blow up and have to deal with it then.
I will update this ticket with the results of my tests to provide you with additional data points to help with your problem anallysis and, with any luck, lead you to to the ultmiate solution to solving the issue without imposing "unusual" behaviours on those who log into Joomla's admin backed to perform various tasks.
Once again - many thanks for the time and effort and expertise you have put into Admin Tools and Akeeba Backup for Joomla (and I presume for the several other products and extensions for WP that you produce). They are heads and shoulders above the vast majority of other extensions in terms of relaibility and quality - not to mention utility. I don't know what I would do without the capabilities provided by Akeeba Backup especially. We are lucky to have a guy like you and a team like yours dedicated to providing such high quality, well thought out, flexible, and reliable tools without which, Joomla would much less capable of meeting the needs of larger, more complex sites.
[I had actually begun this extensive note before the weekend but for varous reasons, was unable to complete it and had to start it again. That's probably a good thing as you would probably have ruined your weekend thinking about the issues I raised. I would not want to be responsible for ruining (almost) anybody's weekend ]