If you had told me that the strange email recipients happened ONLY with the Critical Files feature I could understand that. If you have enabled the Monitor Critical Files feature but NOT provided any email address in the "Email this address on monitored files change" field we will use the email set up in the "Email this address on blocked request" as someone needs to be notified! There's no point enabling Critical Files without any email addresses to be notified. We made this change in version 7.7.1. It's not a problem, it's a sanity check. If you don't want to receive these emails, just disable the Critical Files feature in the Hardening Options page.
The problem is you are claiming this happens for the PHP exceptions email. However, there is no such code to do that, and the last time this code was modified was three years ago. The PHP exception email is only sent to the "Email PHP Exceptions to this address" email. You can see that in the plugins/system/admintools/src/Feature/EmailOnPHPException.php file line 28:
$this->emailAddress = trim($this->wafParams->getValue('emailphpexceptions', '') ?: '');
The emailphpexceptions field is the one labeled "Email PHP Exceptions to this address" in the interface. Again, this line has been there for 3 ½ years (it was last modified January 20th, 2022). Unless you have gone and modified that code yourself, you are not getting emails on any other address.
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
