Securitycheck Pro
Nov 23 2020: Released version 3.2.2
- + Database update until Nov 23 2020 (1 new vulnerability added) (both versions).
- + Improvements in malware scanner - new patterns added (thank you very much for your contribution Mark!) (both versions).
- + Improvements in control center tasks (thank you very much for your contribution Andreas!) (Only Pro version).
- To follow redirections when tasks connect back to control center.
- + Default .htaccess updated to follow latest security recommendations (Only Pro version).
- + Ensure compatibility till Joomla 4 beta 5 (both versions).
- + Changes in default html tags to be filtered - Xss protection (Only Pro version).
- Now the 'a' tag is filtered by default to avoid receiving spam.
- + Fixed bug in malware scan (Only Pro version).
- The function to calculate the line where suspicious pattern was found was wrong.
Sep 10 2020: Released version 3.2.1
- + Database update until Sep 10 2020 (9 new Joomla core vulnerabilities added) (both versions).
- + Improvements in cron tasks (thank you very much for your patience Brett!) (Only Pro version).
- Now the cron avoids to launch a task if an user with administrative privileges is logged in and there is a task scheduled. This way we avoid getting 504 errors if we update any extension, there is a task pending and we have many files to scan.
- + Improvements when an IP is (dinamically) blocked (thank you very much for your suggestions Alex and Jeff!) (Only Pro version).
- Now the message shown also have the IP and the time to be unblocked (only for dinamic blacklist).
- + Compatibility with Joomla 4 beta 2 (Only Pro version).
- This version is compatible with Joomla 4 beta 2.
- + Improvements in the malware scanner (Only Pro version).
- To avoid a fatal error if a mandatory class is not installed in the server.
- + Improvements in Control Center (Only Pro version).
- Now all remote actions received from Control Center are stored into a log file. We can manage this log file from "Control Center Configuration" link. This allows administrators to track what actions are launched and review then if issues arise. Into the "Control Center Configuration" there is also a new field where we can see the url to which reports are sent (where the Control Center is installed). This will be useful in a future to send info without receiving a task (for instance, the Connect plugin).
- + Fixed a typo in US translation (thank you very much for reporting this Steve!) (Only Pro version).
- + Improvements in upload scanner (Only Pro version).
- Now file's mime-type is checked to prevent dangerous uploads.
- + Fixed bug during installation (thank you very much for reporting this Hubert!)(Free version).
- There were typos into and old sql file causing an error during installation.
Jul 01 2020: Released version 3.2
- + Database update until Jun 30 2020 (5 new Joomla core vulnerabilities added) (both versions).
- + IMPORTANT: This version is needed for Control Center 2.0 (Only Pro version).
- Due to the complete redesign of Control Center, since its 2.0 version we need this version or upper to manage our sites.
- + Fixed minor bug in File integrity (thank you very much for your time Lukasz!) (Only Pro version).
- We got a blank page in PHP 7.4 after clicking on the "Mark all modified files" button.
- + Fixed minor bug in logs (Only Pro version).
- We got a warning if we don't select any log and press any "mark as" button.
- + Improvements in javascript to avoid 'unsale-eval' expressions (Only Pro version).
- + Removed cookie file and its code; using Joomla core instead and added "strict" value for "samesite" attribute (Only Pro version).
- + Added new security header: Feature policy (Only Pro version).
- The 'Feature policy' header is available into the .htaccess protection feature.
- + Changed default priority in list (thank you very much for your suggestion Jeff!) (Only Pro version).
- Now Whitelist is set as 'First priority'.
- + Improvements in firewall code (thank you very much for your help Alex!) (Only Pro version).
- To avoid warnign messages when an attack is detected and connection cut.