Released on: Monday, 02 October 2017 10:39
Server configuration makers now support WOFF2 in the expiration time feature. If you are using the .htaccess Maker, Nginx Conf Maker or web.config Maker with the expiration time feature you will see that support for WOFF2 font files, the modern format used by newer CSS frameworks, is now added. You will need to regenerate the configuration file for this to take effect.
Support for Joomla's task=viewName.taskName notation in the WAF Exceptions feature. Joomla! components using the core MVC may use the notation task=viewName.taskName instead of view=viewName&task=taskname. Due to the way Joomla! works under the hood, either could be used to get to the same page. This made writing WAF Exceptions targeting these components tricky. Now we automatically handle these tricky situations without you having to write additional WAF Exception rules. You're welcome!
Clicking on "Reload update information" will fix Joomla! erroneously reporting an update is available when you have the latest version installed. As you know, all of our Joomla! software is using Joomla's extension update feature for updates. We have no control over it. Unfortunately, sometimes Joomla! drops the ball, like persistently reporting that an update is available even though you have literally just installed the latest version. If that happens click on the Reload Update Information button in the component and we will try to beat Joomla! into submission.
Added warning if HHVM is used instead of PHP. We have seen that many hosts let you pick or silently use HHVM instead of PHP. HHVM is a different language which is mostly, but not completely, compatible with PHP. The differences cause issues in Joomla! itself as well as our software due to no fault of the developer. In fact, HHVM is optimized for use with a different language called Hack. If Admin Tools detects that you are using HHVM it will warn you and ask you to switch to PHP 7. PHP 7 is faster than HHVM and compatible with all modern versions of Joomla! (3.6 onwards) and, of course, our software.
You can now define the timezone used when sending emails with security advice. Up until now all emails were sent in the GMT timezone. This was on purpose, since the effective Joomla! timezone could be different depending on who is logged in. We thought that should people get confused with GMT they could always look at the time the email was sent which is always displayed by your mail client in your local timezone. Apparently the people who get confused with GMT don't think about looking at their email client's header line. Well, OK then, we now let you specify a timezone for all emails with security information sent be Admin Tools. It no longer has to be GMT!
WAF Blacklist rules can now apply in just the frontend of your site (default), just the backend or both. This lets you create patterns which will result in security exceptions even in the backend (administrator) of the site. Useful when you have software written by misguided developers who use an /administrator URL for public callbacks such as the return URL for credit card payments.
Updates now use HTTPS for everything, both the update information and the update ZIP file. We are ramping up the security of the software update delivery by making all update information and the update ZIP file itself be always delivered over HTTPS.
The Rescue URL was not working. We introduced the Rescue URL feature in the previous version to let you unblock yourself easily. Unfortunately, the testing only covered half of the feature (sending the email information) but not the actual Rescue feature itself. Therefore a bug slipped through rendering the feature inopearable. We fixed the bug and updated our tests to ensure that something like that will not happen again.
This version of Admin Tools will only work on Joomla 3.4 and later versions (3.5, 3.6, 3.7 and 3.8). Please note that support for Joomla! 3.4 and 3.5 may be removed in the next release.
We VERY STRONGLY advise you to update to the latest released version of Joomla! at all times. Admin Tools' support for older versions of Joomla! is only meant to be a temporary workaround while you're working on the update of your site.
Please note that we will only provide full support for the latest Joomla! version. Some features may not work at all in older Joomla! versions. We've thoroughly tested the security critical Web Application Firewall features against the supported versions of Joomla! as stated above and found them to be working properly.
Support for PHP 5.3 is discontinued. It's end of life since August 2014 and widely considered a security risk, unfit for production sites. Our software requires PHP 5.4 or later and is compatible with PHP 5.4, 5.5, 5.6, 7.0 and 7.1. At the time of this writing PHP 7.2 is still a release candidate and we cannot guarantee official support for it Please note that as of January 2017 PHP 5.6 has entered the long term support phase: bugs are NOT fixed, only major security issues will be fixed. Therefore we strongly recommend using PHP 7.1.
We'd like to remind you that Joomla! 3.4 does NOT support PHP 7. PHP 7 is only supported by Joomla! 3.5.0 and later versions. Admin Tools will work perfectly fine (and very fast!) on a Joomla! 3.6 or later site running on PHP 7.1.