Cleaning your temporary files directory
Your Temporary Files directory (called
Temp-directory in your site's Global Configuration
page) is the directory where Joomla! and its extensions put all
transient files when installing software or performing other kinds of
file manipulation activities. One problem with that directory is that
sometimes files can get stuck in it, for example after a failed update.
This not only causes a space problem —as these files take up valuable
disk space— but can also compromise your site's security as these files
may contain potentially sensitive information, or may be executable PHP
files. While the latter issue can be usually worked around by using the
front-end protection mode in the .htaccess Maker feature of Admin Tools
Professional, the proper solution is to periodically clean the contents
of that directory.
Admin Tools Core and Admin Tools Professional include the
Clean Temp-directory feature which will do that for
you with a single click! More specifically, it will automatically remove
all files and directories from your Temp-directory except
any of those files exists.
Admin Tools asks Joomla! to tell it where the temporary
directory is located and then asks Joomla! to delete its contents.
This has a couple of pitfalls:
Your temporary directory is what you have configured in your
site's Global Configuration page, in the
Temp-directory option. If you see something
there please note that it is NOT the same as the directory inside
your site named
tmp. The directory inside
your site is a full path which usually looks like
If your temporary directory is outside your site's root or
contains double dots (e.g.
will REFUSE to delete its contents. This is
not a bug in Admin Tools, it's how Joomla! itself is designed to
Being able to delete the contents of the directory depends
largely on its permissions. If Joomla! doesn't have browse
permissions to this directory it can create temporary files just
fine and delete them when it still knows their name (right after
creating them), but not when Admin Tools asks it to delete the
contents of the temp-directory. The reason is quite technical:
Joomla! can't list the contents of the directory, therefore it
can't know which files / folders it contains and as a result
doesn't know what it has to delete. This is how filesystems work,
not a bug in Admin Tools.
On some servers you may need to use Joomla!'s FTP layer to
delete the contents of the temp-directory. We consider this a
major indicator of a critically bad server security model. If you
are hosted on such a server we strongly advise you to move to a
different host or, at the very least, express your concerns to
your host. Each site should run under its own user and never,
ever, require the FTP layer.