Disable password reset for specific user groups. Joomla already prevents password resets for Super Users for security reasons. In many sites you have other user groups which do not have Super User privileges but are quintessential in the operation of the site such as support staff, sales managers, publishers etc. Takeover of these accounts could have immediate adverse effects on your site's or business' operation. Admin Tools now allows you to select these user groups and prevent password resets for accounts belonging to these groups. Naturally, when a user in such a group needs to reset their password they will need to contact a Super User to do it for them.
Server config makers: always allow access to HTML files used in TinyMCE plugins (used by Joomla's default TinyMCE editor). Joomla's TinyMCE editor has two mostly hidden features: content templates and plugins. These are implemented as HTML files inside the editor plugin's folder. These files are normally blocked by Admin Tools' server config makers (.htaccess Maker, NginX Config Maker and Web.Config Maker). We are now explicitly allowing them as there are new Joomla features coming your way using these TinyMCE features.
Improved Quick Setup Wizard default settings for the .htaccess Maker. We are taking a more conservative approach to the defaults being applied.
Quick Setup Wizard: Allowed domains resolving to IP 127.0.0.1 or ::1 will not be applied (automatically allowed anyway). This prevents this feature from adding localhost and any locally resolved domain names when you install and configure Admin Tools on a locally developed site. It also makes transferring the site to the live server far less complicated.
Aligned default option values visible in the Configure WAF page with what the WAF does if you do not save its configuration through the Configure WAF page. If you never used the Quick Setup Wizard there would be a disparity between the default Web Application Firewall options displayed in the Configure WAF page and how the Web Application Firewall acted by default. This would be very confusing and lead to some support tickets where we could tell that feature X was preventing the request and the client insisting that the feature was disabled. We have now changed how the Web Application Firewall works if left unconfigured to match the defaults you see in the Web Application Firewall settings.
Please consult our Compatibility page. It explains our version support policy and lists which versions of our software are compatible with which versions of Joomla and PHP.