Securitycheck Pro

Aug 17 2017: Released version 2.8.21

• + Database update until Aug 17 2017 (2 new Joomla core vulnerabilities and 4 new vulnerabilities added) (both versions).

Jun 19 2017: Released version 2.8.20

• + Database update until Jun 19 2017 (5 new vulnerabilities and 9 new Joomla core vulnerabilities added) (both versions).
• + Deleted Facebook User agent from default banned user-agents list (Only Pro version).
• + Added the ability to create an restore a backup of the original .htaccess file (Only Pro version).
• This way the original .htaccess is kept and we can restore it if needed.
• + Fixed bug in blacklist (thanks for reporting this Harry!) (Only Pro version).
• Ips were not deleted of dynamic blacklist after the specified interval.
• + Fixed bug adding more than one email to 'Emails notification' (thanks for reporting this Alain!)(Only Pro version).
• Due to hardenize the code multiple values in the 'Email To' field reported an incorrect validation.
• + Checking the new "Shared sessions" feature (both versions).
• If the new feature "shared sessions" is enabled 'User sessions protection' feature will be automatically disabled to avoid a denial of service.
• + Added new plugin: Securitycheck Pro installer (Only Pro version).
• Now we also can update the extension using the native Joomla core feature.
• + Fixed bug in User session protection feature (thanks for reporting this Dimitris!) (Only Pro version).
• After a failed login attempt the IP was added to dynamic blacklist.
• + Fixed css issue in logs screen (both versions).
• + Added select box to choose the option to determine component involved (both versions).
• There is a way to determine the extension involved accurately, but it fails on some Joomla installations. Now we can choose if we want to use it.
• + Fixed minor bug in url inspector (Only Pro version).
• Now it chechks if there is an empty value in suspicious words list.
• + Added Dutch translation (again) (only free version).
• Erwin, thank you very very much for your time and effort.
• + Fixed bug checking IP ranges in CIDR format (Only Pro version).
• There was a bug checking IPv4 ips into a CIDR range.
• + Improving in the feature "Import Ips" to lists (Only Pro version).
• Now we trim return carriages before importing the list.
• + Fixed minor bug in backend protection exceptions (Only Pro version).
• + Improvements in Update Database feature (Only Pro version).
• Now we also look for the "Download id" in Configuration option of Securitycheck Pro.
• + Improvements in main panel (Only Pro version).
• Now we also see the status of our subscriptions.
• + Improvements in update notifications for Control Center (Only Pro version).
• + Fixed minor bug in onlinecheck agains OPSWAT (Only Pro version).
• Due to a change in the OPSWAT response the info when a file/hash submitted is not found was incorrect.
• + Fixed bug related to non-utf8 filenames (Only Pro version).
• There was a bug transforming non-utf8 filenames to utf-8.

Apr 17 2017: Released version 2.8.19

• + Database update until Apr 17 2017 (46 new vulnerabilities added) (both versions).
• + Improvements in malware scanner (thanks for your contribution Igor!) (Only Pro version).
• + Fixed bug in Control Center (Only Pro version).
• Fixed bug updating the Joomla core using Securitycheck Pro Control Center in PHP 7.
• + Improvements in .htaccess protection (Only Pro version).
• Now we can choose to which url will be redirected all attempts to access the backend without the secret key.
• + Fixed minor bug exporting info(Only Pro version).
• If the site name contains spaces filename to be exported was generated without the extension.
• + New feature: url inspector (Only Pro version).
• The url inspector allows us to ban IPs that use forbidden words in urls. This way we have a powerful mechanism to control all queries to our website, even those that are redirected to a 404 page. For example, if we receive an url to access to wp-admin.php, that is typical of Wordpress sites, the url inspector can be configured to add the IP to blacklist because it's clear that it's not a valid query. This feature doesn't break other sef extensions installed.
• + Changed log icons (Only Pro version).
• All icons have been replaced with new ones with a more fresh style.
• + Fixed minor (and rare) issue causing a blank page on main panel (Only Pro version).
• In some websites a blank page arises accessing to main panel. This was due to an accent in a javascript comment!
• + Improvements in default banned user-agent list (thanks for your contribution Marko!) (Only Pro version).
• + Minor improvement in geoblock Geolite update (Only Pro version).
• Now we see the error code if for some reason the extension can't reach Maxmind servers.

Aug 17 2017: Released version 1.1.18

• + Fixed bug in remote backups (thanks for your time and patience Fabian and Pablo!)
• Some websites return a 301 code when the remote backup is launched; added some code to solve this.
• + New feature: automated backups.
• Now we can also launch an automated backup in any of our managed websites.
• + Fixed bug in .htpasswd (thanks for your patience Frank!)
• No task worked if there was a .htpasswd in frontend.
• + Improvements in usability (thanks for your suggestion Frank!)
• Now the screens to manage websites are responsive.
• + Fixed bug in "select all" checkbox
• Not all websites were selected.
• + Fixed bug showing all managed websites after a task
• After launching a "refresh" or "upload&install" task from "managed websites" screen only selected websites were shown.

Jun 19 2017: Released version 1.1.17

• + Fixed grammar issues in english translation
• Thanks for your contribution Richie!
• + Fixed bug updating Securitycheck Pro (thanks for reporting this Richie!)
• Updating the extension ended with an error message.
• + Added new plugin: Securitycheck Pro Control Center installer
• Now we also can update the extension using the native Joomla core feature.
• + Improvements in main panel
• Now we also see the status of our subscription.
• + Improvements in remote backup with Akeeba
• Now we can select the profile to launch the remote backup.
• + Changes in a task (thank you very much for your suggestion Kai!)
• The "Delete all blocked acccess logs" task is now "Delete all logs". This means ALL logs of remote sites will be deleted if we launch this task.
• + Improvements in update notifications (thanks for your suggestion Pablo!)
• Now we see installed and available version (as Joomla does) on each update found.
• + Fixed minor bug during core update (thanks for your suggestion Kai!)
• By mistake this process created a new path into de administrator folder.
• + Changes in Manage Websites screen (thanks for your suggestion Kai!)
• Now we also see the date of last file permissions, integrity and malware scans.

Apr 20 2017: Released version 1.1.16

• + Fixed minor bug in manage websites screen.
• First time the "select all checkboxes" button is clicked no data is sent to tasks.

Dec 22 2016: Released version 1.0.3

• + Fixed bug: IP was not added to logs.

Jun 27 2016: Released version 1.0.2

• + Now we can choose which parameters (email, ip and username) must be checked against the StopForumSpam (requieres Securitycheck Pro).

May 31 2016: Released version 1.0.1

• + Fixed bug checking against the Stopforumspam server that could cause a false positive.