Support

Admin Tools

#41508 can "Monitor these files for changes" check for changes to any file within a directory?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
5.2.2
PHP version
8.2
Admin Tools version
7.6.2

Latest post by davidascher on Tuesday, 21 January 2025 06:18 CST

Monday, 20 January 2025 16:02 CST

davidascher

If so, what is the proper form of entry for monitoring changes to a directory (or changes to any file within the directory)?

/images

or

/images/

or 

/images/*

or something else?

or you must specify a single file at a time?

Tuesday, 21 January 2025 00:47 CST

nicholas

No, we do not support wildcards – and for good reason. This code runs on every single page load of your site. It would make your site crawl to a grinding halt.

Assuming this is related to https://www.akeeba.com/support/admin-tools/41507-image-file-replaced-by-hacker-without-any-sign-of-intrustion.html I don't have a good solution for you which doesn't involve custom code, or the command line.

In the latter case you could produce a list of MD5 sums of all images with

find /path/to/images -type f -exec md5sum '{}' \; > md5sum.txt

You could then sort the file.

Next time you want to check the integrity you could create a new md5sum.txt file and diff it with the original. It would show you which files have been added, removed, or modified.

It's neither user-friendly nor fool-proof, but it does what you're asking.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 21 January 2025 06:18 CST

davidascher

After posting this ticket - while I was still panicking about the site's vulnerability - it occurred to me that having Admin Tools check for any changes in an entire directory tree on every page load was probably a pretty bad idea for the reason you stated. Since it is a bad idea, it seemed very unlikely that Admin tools would do it.

I have identified the source of the attack as a file left over from an attack on the site about 6 months ago. It gets complicated to go into further detail, so I will spare you.

Thank you for the clear and rapid response and the suggestion.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!