10 May 2018
There are two closely related information disclosure issues in Admin Tools. Installing version 5.1.0 addresses both of them. Most sites can not be hacked remotely but will very likely disclose privileged information to a hacker who has already infiltrated the site. People stuck in older versions should read through this document for mitigation procedures.
Please keep in mind that sites using our recommended configuration, as applied by the Quick Setup Wizard were only in moderate risk: some usernames and passwords were logged in the database and possibly the debug log file which are only available to Super Users and people with filesystem access to your site. While not ideal, it's not a huge risk, i.e. you can't be hacked remotely. On a minority of sites and only as a result of manual configuration it is possible that in some cases a remotely accessible log file may contain both usernames and passwords, leading to a serious security concern.
This document is published both on our site and as part of the Release Notes of the new Admin Tools version.
25 January 2018
Akeeba Ltd is excited to present testing versions of its flagship backup and security software bearing a new interface design. The new, developed wholly in-house, design is called Akeeba Front-End Framework (FEF) and will be implemented in all of our products in the coming months. We kindly ask for your help to put the new design through its paces and send us your feedback if something's broken. You can find the beta releases on our Downloads page.
The number of issues with Bootstrap (and with any generic CSS framework) has led us to seek a better alternative to building a beautiful interface for our software. We decided to create our own, to our exacting specifications. This work started over a year ago and was only possible to complete in late 2017 due to us using leading edge CSS features.
Akeeba Front-End Framework (FEF) is a CSS framework designed to our specifications by our UX consultant and front-end developer, Crystal Harris. It does have some unique advantages over Bootstrap and other CMS-specific CSS frameworks.
Non-conflicting. FEF is designed to live entirely under its own namespace and has a prefix on all of its CSS classes. It's also explicitly designed to be able to work inside a page which already uses a different CSS framework, such as Bootstrap.
FEF also has features common with other existing CSS frameworks.
Responsive. It's 2018. We use all sorts of devices, from legacy smartphones with tiny 4" displays to desktops with 27" 4K (or even higher resolution) monitors. FEF is designed to scale seamlessly.
Clean, flat design. We made sure that the interface is clean and readable as a feature, rather than as an afterthought. The use of whitespace, the flat design and the careful selection of colors allows our FEF-based software to blend in with your sites.
Icon fonts. We are moving away from the use of bitmaps (images) from our software, replacing everything with beautiful, scalable icon fonts. FEF comes with a mix of IonIcons and our own icon set. The result is faster loading, clean-looking pages.
We are experienced and thorough but the fact remains that we are only humans. As the old adage goes: to err is human, to beta test divine - or something like that! We need your help, dear users and clients, to put the new interface to its paces. This should be safe -the backend code is stable and we are crazy enough to eat our own dog food on our production sites- but we would like to ask you to only try on development and test sites, not your production sites. If you find bugs, please report them and we will fix them.
We expect to release 2-3 beta versions and 1-2 release candidates for Akeeba Backup for Joomla!, Akeeba Backup for WordPress, Akeeba Solo and Admin Tools spaced about two to three weeks apart. Please do test and do report bugs. We swear we don't put bugs intentionally; also, they'll only ever be fixed if a user -that's you!- reports them to us. Hopefully our collaboration will result in a stable version being released before Easter i.e. sometime before April 1st. Thank you!
Akeeba FEF is meant to have the following browser compatibility:
Please do not report issues for unsupported browsers or ask us to add support for them. In short, old browsers lack proper support for the CSS Grid Layout. We could have build a CSS framework using floats, like Bootstrap, but we'd end up with the same long term issues as Bootstrap with regards to responsiveness and compatibility with the third party CSS included in popular CMS (either built in or applied by other extensions / plugins). The goal of FEF is to provide a user interface framework to carry us to the next 5-10 years, not an exercise in repeating mistakes other people have done 5-10 years ago.
Before reporting an issue please check the following list (updated every time we spot / fix something).
Tabs display as sliders on IE11. This is by design. The CSS Grid support in IE11 lacks some features necessary to correctly render tabs.
More white space is shown on IE11 than any other browser. Won't fix. Well, let's just say there is a reason Microsoft threw the whole Internet Explorer code base to the trash and wrote Microsoft Edge from scratch.
Thank you all in advance!
29 August 2017
The updates released to Akeeba Backup for Joomla!, Akeeba Backup for WordPress and Akeeba Solo in the second half of August 2017 are security updates. These versions fix a number of security issues reported by Aram Nap of Securify, as well as another security issue we have detected ourselves. None of these issues has been used to hack any sites. None of these issues can be used to remotely hack / take control of your site.