Released on: Friday, 17 October 2014 09:06
This version of Admin Tools fixes two issues with Joomla! 2.5 and adds an installation self-check feature.
A better, more stable way to install and update the database tables. Previous versions were using the database installation and update code in Joomla! itself which was notoriously buggy and resulted in erratic behaviour. In this release we use our own database installer / updater for the base tables of our component. Unfortunately, due to the rules in the Joomla! Extensions Directory, we still have to rely on Joomla!'s code for the administrator menu item creation which may cause no menu item appearing under components on very few sites. We are aware of it, we know how to fix it, but we are not allowed to on penalty of being permanently banned from the directory!
Show the update information in the control panel page. In the previous version we introduced the integration with Joomla!'s own extensions updater. Unfortunately you could no longer see the update information in the component's control panel page. This version fixes it and allows you to force-reload the update information if you need to as Joomla! no longer lets you do that in the latest 3.x versions (for no good reason, really).
Some features not shown on servers which don't support them to prevent confusion. Namely the "Emergency off-line", ".htaccess Maker" and "Password-protect administrator" are not shown on servers which are known to not support .htaccess files. Also the "Permissions Configuration" and "Fix Permissions" features are not shown on Windows servers as the notion of permissions does not exist there. Please remember that when Admin Tools is not absolutely sure it will display the feature anyway!
NginX Configuration Maker brings the power of the .htaccess Maker to the high-performance NginX server! The generated configuration can be added manually to your nginx.conf file or a file can be written in your web root to be included by NginX (note: only the first option is considered secure).
Option to reset Joomla!'s Two Factor Authentication when a user resets their password. Sometimes users who have enabled the Two Factor Authentication (TFA) features on Joomla! 3.2 and later lose their device. Normally they have to go through a site administrator to have them manually deactivate the TFA. With this option the TFA is disabled following a successful password reset of the user account. It's less secure but more convenient.
ON POPULAR REQUEST: Added template emails for security exceptions notifications. You can now have a different email sent out depending on the security exception type. You can also define rate limits for emails so that your inbox doesn't get flooded when you're under attack by a botnet that Admin Tools is successfully coping with.
ON POPULAR REQUEST: Repeated auto-bans can lead to permanent ban. If an IP is constantly triggering the automatic IP ban feature it can get permanently banned, i.e. added to the IP Blacklist. You can configure if and when this will happen.
Forbid HTTP TRACE and TRACK methods (XST protection). One more protection added to .htaccess and NginX Configuration Maker, this time preventing Cross Site Tracking attacks which tend to leave no traces in your server access logs.
Away schedule. Block access to the administrator section of your site between certain times of the day. Useful if you are the sole administrator of a site and don't want hackers to have a chance of logging in while you are fast asleep.
ON POPULAR REQUEST: Admin cloaking. Admin Tools can cloak your administrator URL. Going directly to http://www.example.com/administrator will throw you back to the site's main page (and a security exception will be logged). Instead, going to http://www.example.com/mysecret (where mysecret is configurable) will allow you to see the administrator login page.