RSFirewall! Changelog

29 Nov 2016
Version 2.11.5
  • Fixed - Scanning for malware AJAX response could be scrambled by an incorrect encoding of a malware pattern.
31 Oct 2016
Version 2.11.4
  • Updated - Malware database was updated.
  • Updated - More thorough check for Joomla! < 3.6.4 vulnerability.
  • Fixed - In some cases, GeoIPv6 functions might throw an error.
06 Oct 2016
Version 2.11.3
  • Fixed - Checking for the GeoIP v6 file was not working correctly.
28 Sep 2016
Version 2.11.2
  • Fixed - In some cases when using reverse proxies, the REMOTE_ADDR variable contained multiple IPs and threw an error.
  • Fixed - GeoIP was incorrectly initialized when not enabled.
  • Fixed - Google Safe Browsing error messages are now displayed to provide more details.
07 Sep 2016
Version 2.11.1
  • Updated - IPv6 GeoIP database support.
  • Updated - Improved Country Blocking interface initial setup.
  • Updated - Google Safe Browsing API updated to v4.
  • Updated - Malware database updated.
  • Fixed - Permissions were not being saved correctly due to Joomla! changes since 3.6.0.
  • Fixed - Denied referers were not recorded in the System Logs even with 'Log all blocked attempts' set to 'Yes'.
05 Aug 2016
Version 2.11.0
  • Added - Map of blocked attacks in the System Overview area.
  • Updated - Malware database updated.
  • Updated - Replacing email addresses with images has been re-worked to reduce page load.
  • Updated - More information shown when a protected user change has been attempted.
  • Fixed - No longer allows you to delete files from your Temporary Folder if it's incorrectly set and contains your website's folder.
  • Fixed - System Logs was becoming slow due to missing indexes on tables.
09 May 2016
Version 2.10.2
  • Updated - A log entry will be created when a change is attempted on a protected user.
  • Updated - A log entry will be created when the creation of a new administrator is blocked.
  • Updated - Malware database updated.
  • Fixed - Old log entries were not deleted according to the settings.
01 Apr 2016
Version 2.10.1
  • Added - Check your website's status in Google Safe Browsing lists.
  • Added - View and remove files that have been ignored during the System Check through "Accept changes".
  • Updated - Malware database updated.
19 Feb 2016
Version 2.10.0
  • Added - Built-in exceptions for com_plugins, com_templates, com_modules
  • Updated - Show number of files (hashes) modified or missing from your Joomla! installation.
  • Updated - Can overwrite modified files or add missing files straight from the Joomla! repository.
  • Updated - Malware database updated.
  • Fixed - If no signatures are present an error messages is shown during the System Check scan.
  • Fixed - 'Error! is not a valid folder' message rewritten to make more sense.
  • Fixed - Creating php.ini: open_basedir value could have contained empty paths in some cases.
  • Fixed - Creating php.ini: open_basedir did not return the correct session.save_path.
  • Fixed - Checking temporary files might not have listed files in some cases.
25 Jan 2016
Version 2.9.7
  • Added - View contents of files tagged as malware directly from the System Check area.
  • Updated - Malware database updated.
  • Fixed - Invalid data could be stored when activating 'Protect the following users from any changes'
21 Jan 2016
Version 2.9.6
  • Updated - Notification emails now contain the 'Debug information' as well.
  • Updated - System Check now ignores folders it cannot access rather than stopping.
  • Fixed - System Check could not be completed when encountering a symbolic link pointing back to the Joomla! root.
22 Dec 2015
Version 2.9.5
  • Fixed - Reverted some functions so that Joomla! 2.5 is still supported.
22 Dec 2015
Version 2.9.4
  • Updated - File paths in the Ignore files and Monitor files section are now stored with relative paths when backing up.
  • Updated - Can choose if you want to keep the Update Code from the configuration.json.
  • Fixed - Converting email addresses to images displayed a PHP Notice in some cases.
21 Dec 2015
Version 2.9.3
  • Added - System Check now checks if the Session Handler is set to 'Database' and issues a warning.
  • Added - Select which headers to check for the real IP if server behind proxy (wasn't configurable until now).
  • Updated - Can now filter based on Blocked status in the System Logs area.
  • Updated - Debug information in System Logs hidden by default - a 'Show' button has been added to display it.
  • Fixed - Session injection protection did not automatically blacklist IPs.
  • Fixed - Language strings in the mod_rsfirewall module were not loaded if the System Plugin was disabled.
  • Fixed - In some cases, the System Check would write a log even if the option was disabled.
  • Fixed - Converting email addresses to images did not work with new (long) domain extensions.
16 Dec 2015
Version 2.9.2
  • Updated - Further improvements to session injection vulnerability prevention.
15 Dec 2015
Version 2.9.1
  • Updated - User Agent Blacklist updated to prevent Joomla! session vulnerability.
  • Updated - Malware database updated.
11 Dec 2015
Version 2.9.0
  • Added - Can now view differences in modified core Joomla! files.
  • Added - Ability to deny referers by specifying the domain name.
  • Added - Export & import configuration data.
  • Added - Download System Logs in CSV format.
  • Updated - Country Flags are now displayed on the Blackist/Whitelist page.
  • Updated - Visually improved Backend Login and Forbidden views.
  • Updated - Backend Login and Forbidden views can be overrided through the template now.
  • Updated - No longer checking 'register_globals' and 'safe_mode' on PHP 5.4 and newer.
  • Updated - System Check last run time is now recorded.
  • Updated - Small interface improvements.
  • Updated - New malware signatures added to the database.
  • Fixed - Updating the component did not run the necessary queries when using MySQL (PDO).
22 Sep 2015
Version 2.8.14
  • Fixed - Add to Blacklist and Add to Whitelist buttons from the System Logs area were not working correctly.
30 Jul 2015
Version 2.8.13
  • Fixed - Backend login CAPTCHA no longer appeared due to a HTML change in the mod_login layout.
03 Jul 2015
Version 2.8.12
  • Added - Hashes for Joomla! 3.4.3
01 Jul 2015
Version 2.8.11
  • Added - Hashes for Joomla! 3.4.2
29 Jun 2015
Version 2.8.10
  • Added - Joomla! updates integration.
  • Fixed - Clicking on countries in the Country Block area did not work on Google Chrome and Internet Explorer.
25 May 2015
Version 2.8.9
  • Fixed - Blacklisting no longer worked if a wrongfully added IP range was present in the database.
21 May 2015
Version 2.8.8
  • Added - Ability to select a continent to block.
  • Updated - Malware signature database.
15 May 2015
Version 2.8.7
  • Updated - 'Automatic blacklisting for /administrator login' is now independent of the 'Automatic blacklisting' option.
  • Updated - 'Enable CAPTCHA' is now independent of the 'Automatic blacklisting for /administrator login' option.
  • Fixed - Dashboard message that a file has been modified persisted even after replacing the file with the correct version.
  • Fixed - Logging in successfully now resets the number of login attempts to 0.
  • Fixed - 'Monitor the following files for changes' was not being loaded correctly from the Configuration.
  • Fixed - When using a PDO MySQL database an error was thrown.
  • Fixed - Longer texts in the System Logs areas were showing outside of their bounding area.
04 Mar 2015
Version 2.8.6
  • Added - Hashes for 3.4.0
  • Added - Hashes for 2.5.28
  • Fixed - Due to this Joomla! 3.4.0 issue uploading the GeoIP.dat.gz file did not work anymore.
03 Mar 2015
Version 2.8.5
  • Fixed - The backend sidebar on Joomla! 3.4 was not showing correctly.
03 Feb 2015
Version 2.8.4
  • Added - Whois service for IPv4 can now be configured instead of the default 'http://whois.domaintools.com'.
  • Added - A separate Whois service for IPv6 can now be configured.
  • Added - Warning message shows up when 'Disable the creation of new Administrators' is active and you're editing a user in User Manager.
  • Updated - Logging more events (if it's enabled) when performing the System Check to aid during debugging.
  • Fixed - In some cases, the JSON result returned by the System Check couldn't be decoded.
  • Fixed - Country Flag did not appear in the System Overview page.
  • Fixed - Country Flag did not appear in the RSFirewall! Control Panel Module.
14 Jan 2015
Version 2.8.3
  • Fixed - 'System Overview' graph wasn't showing properly.
  • Fixed - 'Protect the following users' was creating duplicate users when the user didn't exist.
  • Fixed - 'Protect the following users' was throwing a 'JUser::_load unable to load user' error when the user didn't exist.
06 Dec 2014
Version 2.8.2
  • Updated - Malware database has been updated with new signatures.
  • Updated - Rewrote 'System Plugin is disabled' message and added suggestions to fix.
  • Updated - 'Ignore files and folders' and 'Monitor the following files for changes' width increased.
  • Fixed - Resolved a '500 View not found' error in frontend.
28 Nov 2014
Version 2.8.1
  • Fixed - Solved an incompatibility with PHP 5.2 when enabling 'Protect forms from abusive IPs'.
27 Nov 2014
Version 2.8.0
  • Added - Hashes can now be downloaded straight from our update server without installing a new version of RSFirewall!.
  • Fixed - Scanning the integrity of files no longer works on development releases (such as alpha versions of Joomla!).
  • Fixed - Scanning could not finish no longer shows up when you're missing hashes for your version.
  • Fixed - Detecting invalid inclusions (CryptoPHP) in PHP scripts (in the Checking for malware step) was too sensitive.
18 Nov 2014
Version 2.7.5
  • Updated - Database Check now only performs tasks on MyISAM tables.
  • Updated - Checking for malware now detects invalid file inclusions in PHP scripts.
  • Updated - A warning message pops up when attempting to navigate away when the System Check is still in progress.
07 Nov 2014
Version 2.7.4
  • Updated - System Overview graph has been optimized for use with large datasets.
30 Oct 2014
Version 2.7.3
  • Updated - Installation no longer sets MyISAM as the default storage engine for new tables.
  • Fixed - When incorrect IPs were present in the Blacklist new IPs could no longer be banned through the administration.
27 Oct 2014
Version 2.7.2
  • Updated - Small coding style improvements.
  • Updated - Checking if an IP is a search engine bot now uses the more reliable 'Net_DNS2' library.
  • Fixed - RSFirewall! Control Panel Module now loads jQuery from the Joomla! 3.x framework.
  • Fixed - System Check was not able to finish when files in the root were being ignored.
23 Oct 2014
Version 2.7.1
  • Updated - Servers that natively support GeoIP but don't have the database installed now display a message.
  • Updated - 'Check All' from 'Country Blocking' now behaves more intuitively.
  • Fixed - System Check was throwing an error when checking for weak passwords due to the assets table being corrupted.
  • Fixed - Admin users were not showing up in the 'Lockdown' section when the assets table was corrupted.
  • Fixed - In some cases, Google or MSN Bot verification would issue a warning.
15 Oct 2014
Version 2.7.0
  • Added - Added spam protection for forms (can be enabled in Firewall Configuration - Active Scanner).
  • Added - Added support for IPv6.
  • Added - Added support for CIDR notation and IP ranges.
  • Added - 'File Manager' (from Firewall Configuration > System Check) now displays file size and permissions.
  • Added - IPs can now be blocked easier straight from the 'System Logs' area.
  • Added - IPs can now be whitelisted from the 'System Logs' area.
  • Updated - False positive results in 'Malware check' can be instantly ignored by clicking a button.
  • Updated - If GeoIP is available, a country flag is shown next to each IP in the 'System Logs'.
  • Updated - 'Bing Bot' is now whitelisted by default.
  • Updated - 'Malware check' improved - checks for rogue files in the Joomla! root as well as other folders that shouldn't contain PHP files.
  • Updated - No longer recommending 'allow_url_fopen' to be disabled since it caused issues with the Joomla! auto-updater.
  • Updated - No longer recommending placing 'configuration.php' outside root since it proved to bring minimal benefits at the cost of modifying core files.
  • Updated - GeoIP.dat.gz can now be uploaded and will be decompressed automatically.
  • Updated - Hosting server's IP can no longer be blacklisted.
  • Fixed - Using a broken GeoIP database no longer renders website unusable.
  • Fixed - Worked around bug in Joomla! 3 that prevented the action dropdown (in item listing) from functioning correctly.
  • Fixed - Clicking 'Accept changes' for modified Joomla! core files wasn't disabling the checkboxes.
14 Oct 2014
Version 2.6.7
  • Fixed - jQuery is now loaded from the Joomla! 3 framework.
01 Oct 2014
Version 2.6.6
  • Added - Added hashes for Joomla! 2.5.27, 3.2.7 and 3.3.6
01 Oct 2014
Version 2.6.5
  • Added - Added hashes for Joomla! 2.5.26, 3.2.6 and 3.3.5
24 Sep 2014
Version 2.6.4
  • Added - Added hashes for Joomla! 2.5.25, 3.2.5 and 3.3.4
12 Sep 2014
Version 2.6.3
  • Updated - During configuration.php integrity check, configuration.php location is based on where JConfig has been initialized.
  • Updated - jQuery (loaded in Joomla! 2.5) updated to v1.11.1
  • Fixed - Deprecated jQuery function calls have been replaced.
  • Fixed - System Check could not finish due to a redirect caused by MightySites - added workaround.
  • Fixed - Domain (host) added as built-in exception for JS inclusion in order to avoid false positives during Malware check.
02 Sep 2014
Version 2.6.2
  • Fixed - RSFirewall! still asked for the GeoIP.dat file to be uploaded even if the server had native GeoIP support.
28 Aug 2014
Version 2.6.1
  • Fixed - Typo in function name and proper escaping of 'Pause between requests' value.
27 Aug 2014
Version 2.6.0
  • Updated - Improved detection of base64 encoded strings during the System Check.
  • Updated - When XDebug is enabled in PHP, the System Check is no longer available.
  • Updated - Joomla! and RSFirewall! version checking now uses caching.
  • Added - A timeout can now be set between requests during the System Check.
  • Added - 'Google bot' is now whitelisted internally.
  • Fixed - IPs are now trimmed of extra spaces.
  • Fixed - Slightly improved error messages when the System Check failed.
  • Fixed - When the System Check fails, the grade is no longer calculated.
  • Fixed - System Check might have been flagged as a bruteforce attack by some server firewalls because it posted requests to 'index.php'.
25 Jul 2014
Version 2.5.12
  • Added - Hashes for Joomla! 2.5.24
  • Added - Hashes for Joomla! 3.3.3
25 Jul 2014
Version 2.5.11
  • Added - Hashes for Joomla! 2.5.23
  • Added - Hashes for Joomla! 3.3.2
23 Jul 2014
Version 2.5.10
  • Fixed - "# emails per hour" was not being used correctly.
16 Jun 2014
Version 2.5.9
  • Added - Ability to specify default file and folder permissions.
13 Jun 2014
Version 2.5.8
  • Added - Hashes for Joomla! 2.5.22
13 Jun 2014
Switched to new version mode.
12 Jun 2014
Rev 57
  • Added - Hashes for Joomla! 2.5.21
  • Added - Hashes for Joomla! 3.3.1
  • Added - Hashes for Joomla! 3.2.4
05 May 2014
Rev 56
  • Added - Hashes for Joomla! 2.5.20
  • Added - Hashes for Joomla! 3.3.0
  • Added - Option to log System Check to a file.
  • Added - Option to log all RSFirewall! blocked attempts.
  • Fixed - Large PHP files are now skipped from the Malware check.
06 Mar 2014
Rev 55
  • Added - Hashes for Joomla! 2.5.19
  • Added - Hashes for Joomla! 3.2.3
  • Fixed - Multiple IPs through proxy were not detected correctly.
07 Feb 2014
Version Rev 54
  • Added - Hashes for Joomla! 2.5.18
  • Added - Hashes for Joomla! 3.2.2
18 Dec 2013
Version Rev 53 - Joomla! 2.5/3.x only
  • Added - Hashes for Joomla! 2.5.17
  • Added - Hashes for Joomla! 3.2.1
  • Fixed - RSS Feeds handling has been rewritten.
  • Fixed - Limit for RSS Feeds items wasn't being used.
07 Nov 2013
Rev 52 - Joomla! 2.5/3.x only
  • Added - Hashes for Joomla! 2.5.15
  • Added - Hashes for Joomla! 2.5.16
  • Added - Hashes for Joomla! 3.1.6
  • Added - Hashes for Joomla! 3.2.0
  • Fixed - Checking for weak passwords during System Check did not work on 3.2.0.
  • Fixed - Added a few exceptions for some false positives during System Check.
02 Aug 2013
Rev 51 - Joomla! 2.5/3.x only
  • Added - Joomla! 2.5.14 hash files
  • Added - Joomla! 3.1.5 hash files
26 Jul 2013
Rev 50 - Joomla! 2.5/3.x only
  • Added - Joomla! 2.5.13 hash files
  • Added - Joomla! 3.1.4 hash files
  • Fixed - Worked around JView bug introduced in Joomla! 3.1.2 and upwards
29 Apr 2013
Rev 49 - Joomla! 2.5/3.x only
  • Added - Joomla! 2.5.11 hash files
  • Added - Joomla! 3.1.1 hash files
25 Apr 2013
Rev 48 - Joomla! 2.5/3.x only
  • Updated - Malware database
  • Added - Joomla! 2.5.10 hash files
  • Added - Joomla! 3.1.0 hash files
  • Added - Joomla! 3.0.4 hash files
  • Fixed - System Check was looping in some cases
05 Feb 2013
Rev 47 - Joomla! 2.5/3.x only
  • Added - Joomla! 2.5.9 hash files
  • Added - Joomla! 3.0.3 hash files
  • Added - PHP 5.2 compatibility (we still recommend 5.3)
  • Fixed - Getting an IP behind a proxy is now more reliable
09 Nov 2012
Rev 46 - Joomla! 2.5/3.x only
  • Added - Joomla! 2.5.8 hash files
  • Added - Joomla! 3.0.2 hash files
  • Fixed - Multiple issues found in R45
  • Fixed - Workaround for version checking on 2.5.x
  • Fixed - Accept changes for missing files
06 Nov 2012
Rev 45 - Joomla! 2.5/3.x only
  • Joomla! 3.0 compatibility (including responsive design & bootstrap compatibility)
  • Refactored code to use less resources
  • Completely rewritten the System Check, providing a smoother, less resource intensive experience
  • Database Check has been rewritten to work only on MySQL servers
  • System Logs are now showing more information
  • Firewall Configuration now provides more detailed options
  • The RSFirewall! Control Panel Module has been rewritten
  • Grade computing logic has been changed
  • System Overview now includes a visual graph of the latest attacks
  • Lockdown has now been split into three separate options
  • Ability to create exceptions with several filtering options available
  • Permissions check no longer runs on Windows servers
  • Password strength didn't work on Joomla! 2.5
  • Failed login attempts are now only being triggered on Joomla! logins only
14 Sep 2012
Rev 44
  • Added - Joomla! 2.5.7 hash files
28 Jun 2012
Rev 43
  • Updated - Missing language translations are now reverted to en-GB
  • Updated - Backend CAPTCHA is now disabled automatically if it cannot be shown (in 3rd Party Administrator Templates)
  • Updated - mod_rsfirewall now uses layout overrides
  • Added - Bulk adding to Blacklist/Whitelist
  • Added - Automatic blacklisting for failed /administrator login attempts
  • Added - Ability to disable backend CAPTCHA
  • Fixed - Auto blacklisting did not add the date when the ban was added
20 Jun 2012
Rev 42
  • Updated - Protections are no longer triggered for IPs in the Whitelist
  • Updated - Improvements when loading the RSFirewall! configuration
  • Added - Country blocking
  • Added - Blacklist/Whitelist management
  • Added - Ability to automatically add to blacklist repeat offenders
  • Added - Ability to limit the number of log emails to be sent within an hour
20 Jun 2012
Rev 41
  • Added - Joomla! 2.5.6 hash files
19 Jun 2012
Rev 40
  • Added - Joomla! 2.5.5 hash files
02 Apr 2012
Rev 39
  • Added - Joomla! 2.5.4 hash files
  • Fixed - Minor installation issue with Joomla! 2.5
  • Fixed - Joomla! 2.5 generator tag was not being removed
28 Mar 2012
Rev 38
  • Added - Joomla! 1.5.26 hash files
15 Mar 2012
Rev 37
  • Added - Joomla! 2.5.3 hash files
  • Added - Basic Joomla! 2.5 ACL support
06 Mar 2012
Rev 36
  • Added - Joomla! 2.5.2 hash files
  • Removed - Joomla! 1.6.x hash files
  • Fixed - Throwing false alerts from Google tracking links
  • Fixed - IP was not detected correctly when using proxies
03 Feb 2012
Rev 35
  • Added - Joomla! 2.5.1 hash files
25 Jan 2012
Rev 34
  • Added - Joomla! 2.5.0 hash files
14 Nov 2011
Rev 33
  • Added - Joomla! 1.7.3 hash files
  • Added - Joomla! 1.5.25 hash files
18 Oct 2011
Rev 32
  • Added - Joomla! 1.7.2 hash files
  • Added - Joomla! 1.5.24 hash files
  • Fixed - mod_rsfirewall was not displaying the correct image ratio
27 Sep 2011
Rev 31
  • Added - Joomla! 1.7.1 hash files
28 Jul 2011
Rev 30
  • Added - Joomla! 1.6.6 hash files
20 Jul 2011
Rev 29
  • Added - Joomla! 1.7.0 stable hash files
12 Jul 2011
Rev 28
  • Added - Joomla! 1.6.5 hash files
29 Jun 2011
Rev 27
  • Updated - Joomla! 1.7 compatbile
  • Added - Warnings when using 1.7 development version
  • Added - Joomla! 1.7.0 (beta1) hash files
  • Fixed - Tooltips in overview screen
  • Fixed - Looping error during System Check on 1.7
  • Fixed - Uninstall not removing the RSFirewall! System Plugin on 1.6
28 Jun 2011
Rev 26
  • Added - Joomla! 1.6.4 hash files
19 Apr 2011
Rev 25
  • Added - Joomla! 1.6.3 hash files
15 Apr 2011
Rev 24
  • Added - Joomla! 1.6.2 hash files
  • Updated - Skipping default Joomla! 1.6 templates (administrator and frontend)
05 Apr 2011
Rev 23
  • Added - Joomla! 1.5.23 hash files
08 Mar 2011
Rev 22
  • Added - Joomla! 1.6.1 hash files
  • Fixed - Some admin users were not being detected correctly
21 Dec 2010
Rev 21
  • Updated - Joomla! 1.6 compatible
  • Added - Joomla! 1.6.0RC1 hash files
  • Fixed - Improved SQL injection detection
  • Fixed - Improved Shell detection
  • Fixed - Improved LFI detection
  • Fixed - The check if the "admin" user is active now takes into account if the user is blocked
  • Fixed - Using native functions to check if the RSFirewall! plugin is enabled
  • Fixed - W3C Validator is now able to connect to a RSFirewall! protected website
  • Fixed - Email cloaking not working correctly
05 Nov 2010
Rev 20
  • Added - Joomla! 1.5.22 hash files
11 Nov 2010
Rev 19
  • Updated - Additional backend password has been rewritten, works on all servers and provides a nicer layout
  • Updated - SEF support detects 3rd Party SEF components as well
  • Added - Joomla! 1.5.21 hash files
  • Added - Database Check
  • Added - During System Check, the current folder is shown
  • Added - Check for .htaccess in your Joomla! root
  • Added - Number of files/folders to check in the System Check
  • Added - Ability to ignore folders/files during System Check
  • Fixed - System Check no longer hangs, it skips to the next available step
  • Fixed - Directories with slashes were hanging the System Check
29 Jul 2010
Rev 18
  • Improved - XSS attacks filtering
  • Improved - LFI "controller" injection detection
19 Jul 2010
Rev 17
  • Added - Joomla! 1.5.20 hash files
16 Jul 2010
Rev 16
  • Added - Joomla! 1.5.19 hash files
16 Jun 2010
Rev 15
  • Added - Protection against common malware User-Agents
  • Added - A few more passwords for strength test
  • Fixed - The module now uses Ajax calls to connect to the server to avoid timing out in the Administrator area
31 May 2010
Rev 14
  • Added - Joomla! 1.5.18 hash files
11 May 2010
Rev 13
  • Added - SEF check
  • Added - Session Lifetime check
  • Added - FTP password check
  • Fixed - JavaScript bug when running the System Check a second time
  • Fixed - RSFirewall! Administrator module overlapping in IE8
  • Fixed - CSS issue with grade icon in IE
  • Fixed - No longer throwing a fatal error if the helper file is missing
  • Fixed - Rewrote installation procedure
28 Apr 2010
Rev 12
  • Added - Joomla! 1.5.17 hash files
26 Apr 2010
Rev 11
  • Added - Joomla! 1.5.16 hash files
  • Added - Extra message in PHP fix
  • Fixed - Moved malware signatures to database in order to prevent server antivirus software to identify RSFirewall! as a false positive
  • Fixed - CSS issue with missing background image
  • Fixed - PayPal no longer being blocked as DoS attack
05 Nov 2009
Rev 10
  • Added - Joomla! 1.5.15 hash files
03 Nov 2009
Rev 9
  • Added - Cleaning backdoored versions of Jumi
  • Fixed - Accept change bug
29 Sep 2009
Rev 8
  • Added - Warning message for old version of Internet Explorer users
  • Fixed - System Check Javascript to work with Internet Explorer 8
24 Sep 2009
Rev 7
  • Added - Ability to show CAPTCHA after a number of unsuccessful login attempts
  • Added - Ability to ignore modified/missing files during System Check
  • Added - Logging unsuccessful attempts to login into the backend
  • Added - Password strength tester in com_users
  • Fixed - Redone the System Check to use multiple ajax threads instead of a single one
  • Fixed - Various fixes when generating php.ini
  • Fixed - com_frontpage was not showing up in the list of allowed components
  • Fixed - Wrong md5 calculated in the System Overview when a modified Joomla! file was detected
  • Fixed - DoS protection and converting emails to images still ran even with Active Scanner disabled
  • Fixed - SQL protection was flagging a legitimate server query as an injection in a special situation
  • Fixed - If a component/module or default template has been uninstalled it should not be checked
  • Fixed - Wrong language loaded when sending emails
  • Fixed - The file and folder permissions grade was not correctly calculated
  • Fixed - Using $JSession->set() to store data instead of $mainframe->setUserState()
  • Fixed - No more stripping slashes on Windows servers
  • Fixed - Improved the System Check URL recorded in the System Log
03 Aug 2009
Rev 6
  • Fixed - Results are now truncated to save server memory
  • Fixed - Optimized the checking for file and folder permissions to use less memory
  • Fixed - Optimized the checking for malware patterns to use less memory
  • Fixed - Version compare now ignores "rebranded" Joomla! versions such as "1.5.14 DutchJoomla"
31 Jul 2009
Rev 5
  • Added - Joomla! 1.5.14 hash files
  • Fixed - If Backend Access Control is enabled and there are no users selected, by default all users are allowed so you don't lock yourself out
  • Fixed - No more stripping HTML from passwords
23 Jul 2009
Rev 4
  • Added - Joomla! 1.5.13 hash files
  • Fixed - Language file wasn't loaded correctly in a special situation
14 Jul 2009
Rev 3
  • Added - Ability to generate images instead of plain text email addresses
  • Fixed - Not showing modified files in the Overview
  • Fixed - The RSFirewall! Grade did not show up in the module correctly
  • Fixed - The RSFirewall! Grade would give very high scores when having a few files or folders with wrong permissions
  • Fixed - Throwing errors when $_REQUEST contained an object or resource
  • Fixed - addslashes() escaping quotes with quotes instead of backslashes
01 Jul 2009
Rev 2
  • Added - Joomla! 1.5.12 hash files
  • Added - Removal of the generator meta tag from your Joomla! template
  • Added - Website grading system (computing a security score based on your website's security)
  • Added - System Log entry when running the System Check
  • Fixed - Minor memory optimizations

6 persons found this article helpful.


Was this article helpful?

Yes No
Sorry about that