Support

Akeeba Backup has absolutely nothing at all to do with your problem for the simple reason that your backup configuration has nothing to do with Joomla's Home Dashboard, nor is there any difference between [DEFAULT_OUTPUT] and what you did. In fact, saving the configuration does convert the absolute directory to [DEFAULT_OUTPUT], i.e. you made absolutely no change to the backup configuration. You just invented a placebo and convinced yourself that it cures your ailment. It's like hitting that pedestrian crossing button; it doesn't change the light, it just make you feel like you did something when, in fact, your action is completely pointless.

All of the notification icons are asynchronous. Each one of them runs an AJAX request to your server, querying the status of overrides, download keys, Joomla Update, extension updates, and privacy requests.

It sounds like your server is blocking your requests. Logging into your site with the credentials you gave me I actually don't have this problem. I can see all of the Notifications icons green except the extensions updates which reports that one update is available.

To better understand what happens, please look at the issue I filed with Joomla back in July: https://github.com/joomla/joomla-cms/issues/38001. Even though I contributed the code to make these requests consecutive instead of parallel, if two or more requests happen to conclude “fast enough” (in a period of time configured by your host and out of your or our hands) you could still get your requests blocked and your IP temporarily blacklisted — which explains why clicking on Joomla Update results in a server (not PHP, or Joomla) error.

That's the thing, there's really nothing you can do. The problem is with how the server is configured. It very likely uses the mod_evasive Apache module which blocks requests when “a lot” of them come from the same IP address “very fast” — this can be as low as 2 requests in 3 seconds, mind you, and it's only under your host's control. This has proven to be problematic, nobody serious about hosting uses it anymore, and even the development of mod_evasive has stopped since 2017. Yet, some hosts still use it.

When mod_evasive kicks in it's possible that your PHP session gets destroyed, i.e. you are logged out.

The only thing you could do is unpublish the Notifications administrator module from Content, Modules, Administrator. You will no longer have the icons which notify you about updates, personal data requests etc which were triggering mod_evasive on your server and have been causing you all this trouble.

You should also wait 2–3 seconds before clicking on anything else on a page after it's loaded. So, when you go to the Configuration page of Akeeba Backup count “one Mississippi, two Mississippi, three Mississippi” before clicking on the Browse button.

Maybe it's time to talk to your host. It's 2023. This kind of server setup was problematic in 2013. They need to get on with the times. Sites are not built like they were in 2003, a PHP file rendering a static HTML page. There's JavaScript, there's AJAX calls running in the background. Yes, there are multiple requests coming from the same IP and they are legitimate, not an attack. There are far better ways to prevent DoS / DDoS attacks on a server and they should know it.