Release 1.6.1 - 20 March 2019
- Add workaround for JCH Optimize installation - the script assumed that the installation was done from within com_installer
- Correct JS bug which made extension installations return a red error bar even if they succeeded
- WordPress sites were showing Joomla icon in list view
- New upgrade site interval setting was not implemented for extension upgrades
- Extension update check was showing in green even if there was updates available
Release 1.6.0 - 19 March 2019
- Add site specific backup times - you can set a schedule of backups, monthly, weekly or daily selecting specific dates/days and time(s)
- Add suggested cronjob interval information on the config page.
- Add support for site up checks and basic advisory checks on non-Joomla/WP sites
- Split the site processing interval config option to allow software updates to be processed with bigger time gaps than update checks.
- Add support for rebuilding update sites on client sites
- Add new site option to force all client site communication to use HTTP POST and not use HTTP GET at all - helps with sites with very strict htaccess rules.
- Fix for errors thrown on YourSites server when Joomla custom fields plugin is disabled
- If Joomla update fails check for another available update before returning an error
- Trap extension updates that fail due to bad extension package names
Release 1.5.0 - 8 February 2019
- Support for WordPress & ClassicPress sites - please enable this in the YourSites config on the 'experimental features' tab
- Implement Site software version block to stop Joomla or WP being upgraded accidentally to a version you are not yet ready to use. Can be configured universally or on site specific basis
- 'Health Check' renamed 'Advisory Checks' and additional tests added. See the 'Advisory Checks' menu item under 'Site Checks'
- New optional config option on site specific basis to only notify after a site has been down for a minimum length of time - important for sites on slow webhosts which can look as though they are down even if they are only just busy
- Allow client plugin to force YourSites to provide 2 factor token when using direct login - this works best with YubiKey since the same token can be used on multiple websites and you just need to keep the dongle in your USB port.
- Make sure Akeeba DLID can be used in Wordpress/Classicpress sites
- Provide up time stats in the information block for each site
- Correct handling to extension upgrade notices that require user interaction e.g. for Kunena
- clean up duplicate extension data introduced in earlier version of YourSites - didn't affect functionality but made the table large and in could ahit performance of extension update checks
Release 1.4.5 Beta - 10 December 2018
- Support for WP sites - please enable this in the YourSites config on the 'experimental features' tab
- New 'Health Check' - first tranche of site health and basic security checks of client sites are introduced. See the 'Site Checks' menu in YourSites
- New client plugin structure - moving to a single system plugin. For a transition period you will see the old client plugin still installed but disabled - once 1.4.5 stable is released we will uninstall the old plugin.
Release 1.4.4 stable - 10 December 2018
Version 1.4.4 introduces 3 new security enhancements. Please see our blog article at "Security Enhancements in version 1.4.4" for a more detailed explanation of these changes.
- Add time expiring generic tokens for client packages so that a downloaded client package can only be used to connect a site for a limited period of time.
- Block theoretical XSS exploit from installing the client package on a hacked website.
- Immediately remove temporary copy of client pacjage file onces its been created.
- Direct login to client sites where Akeeba AdminTools was testing a secret work was failing.
- Eliminate creation of internal duplicate data in extensions when checking for new extensions.
Release 1.4.3 stable - 03 December 2018
- Direct login was failing in version 1.4.2 because remoteDebug model method was incorrectly declated as private
Release 1.4.2 stable - 29 November 2018
- Add block upgrade filter to extensions model so that cron update checks can ignore extensions where upgrades are blocked
- Minor language file corrections
- Add table column alias for published state - resolves issue with trashing/unpublishing sites introduced in Joomla 3.9.1
Release 1.4.1 stable - 13 November 2018
- List of extensions should filter out Joomla core extensions by default
- Missing language string in extension installation popup
- Correct setting of extra_query on update sites table so that future updates of YourSites are picked up without a 403 error
Release 1.4.0 stable - 12 November 2018
- Add support for Joomla 3.9 action logs in YourSites client - please enable within YourSites config.
- Add extensions update for list of sites visible in extensions view - useful if you are filtering on a specific extension and want to make sure all the sites have been checked for updates of this extension.
- Better explanation of upload size for installations - incorporate information about post_max_size effect
- Allow direct login to take a redirect URL - this is used to handle extension updates that require secondary processing e.g. EasyBlog
- Add a warning about Cronjobs for YourSites servers that configured to be offline.
- Manage installation of extensions that offer a 'continue with installation' type link in their postflight output
- Add timeout config option for site up tests
- Add extension version filter to extensions view
- Add site tags filter to extensions view
- Add warning is Akeeba is not installed for Run All Checks
- Add no backup method message to site config if akeeba is not installed or found
- Available version updates are now flagged in orange as a warning so you don't have to examine each message for update information
- Tag links in site list correctly triggers filtered view of sites - before it needed the form submitted a second time
- Fix to support Joomla updates on sites with Joomla 3.9.0+ installed since they now include a checksum on the update package
- Remove some deprecated Joomla function calls
Release 1.3.0 stable - 22 October 2018
- Add Step by Step backup creation option - global and site specific to deal with sites that were timing out
- Introduce action to add site backups to cron task list on ad hoc basis
- Display Akeeba backup date/time in user timezone
- Add option to check backups next to list backups button
- Add warning before uninstalling extension
- Support for more paid extension download id support e.g. JSitemap and JCH Optimize
- Implement enable and disable extensions on client sites via Yoursites
- Make sure cron backups don't try to use javscript interface!
- Show list of executed and pending cron tasks in info tab for each site
- Make sure site registration returns helpful error messages if it fails e.g. because client site is on localhost URL
- Add warning on site checks if client site redirects e.g. domain.com redirecting to www.domain.com, prompting user to redefine the client site settings
- Split enterprise and pro packages based on subscription
- Add global config option to obtain additional connection data to help diagnose client site connection issues
- Add myJoomla plugin removal tool
- Add 3 second timeout for getting profiles for site editing view
- Add new site list filter so show sites with updates available for specific extensions
- Introduce warning feedback e.g. for unconfigured backups
- Bring site creation options together in site config (DB and FTP settings)
- Add 'matching sites' link in extensions view to give quick return to list of sites matching filters on extension page
- Extensions list should only show published sites (unless a specific non-published site is set as the filter)
- Find extensions failing was leading to the deletion and recreation of all extensions in YourSites
- Change notification email use of logo to server link since many email packages were dropping the attachment
- JCE download id handler fix
- PWT extensions need separate DLID for each one
- use time() instead of mktime() (deprecated php function call)
- Make sure when backup is created the 'last backup' field is updated
- Fix for direct login task being 'sticky'
- Switch to using / instead of index.php as root of gwejson request because of some bad redirects in htaccess lead to POST variabled being dropped. Also affected backup generation
- Only show plugin versions for published and unpublished sites (no archived or trashed sites)
- Make configuration of direct login IP checks more clear in client site plugins
Release 1.2.0 stable - 26 September 2018
- Tag list links to filtered list of sites matching specified tag
- Add option to relax direct login IP address checks for users without a static IP address
- Return other server data DB size, Cache size, post_max_size and upload_max_filesize - displayed on site information section of site list
- Add in commercial extension download Id support - Initially supporting Akeeba, RegularLabs, PWT Extensions, JCE and Falang. More to follow soon
- Add matching extension count on extension list page
- Add single - "check everything" button
- Catch bad SSL certificate errors from client sites and report these to user
- Add more helpful progress modal titles - context sensitive
- Get column heading sorting working for sites, extensions and backups views
- Show backup completed time in list of backups view
- Use Curl/socket/stream options to handle basic authentication
- Clean up orphan backups and extensions
- Switch most requests to "post" from "get" - should reduce possibility of requests being filtered by firewalls
- Use max upload site in file uploader popup for extension installation
- Use Yoursites icon in admin menu instead of infinity symbol
- Add Clear Remote Cache action on site list view
- New action menu system that stays visible when scrolling down long list of sites
- Add capability to get client information from curl connection (subject to config option) - displayed in the console log on server e.g. remote ip address etc. Can be used to diagnose connection problems
- Enable interaction with client site when frontend is protected by basic authentication - new config option
- Responses from server are now encrypted
- Correct direct login IP check logic
- Add user agent to Akeeba Backup calls - was being blocked on some servers
- Tasks table should update started_time when cron process starts not created_time
- Fix issue with lists of extensions being purged if 'fetch extensions' faile - this could sometimes lead to 'locked extensions' becoming unlocked
Release 1.1.0 stable - 5 September 2018
- Use PHP password_hash and password_verify to generate and validate security hashes
- Use sha256 hashes within PHP password_hash due to length limitations on tokens for bcrypt and password_hash
- Incorporate hash of JSON request and file data as part of the hash verification to ensure no MITM attack can change the request or tamper with installer files.
- Add support for direct login by username - still with ability for client plugin to block this completely if required
- Add 10 minute expiry on all security tokens - this additional security measure is in addition to one time usage of token. Note that the token is deleted the first time it is tested so there is no way to make multiple attempt to decryot the same token/hash combo
- Add security warnings about insecure http:// based sites
- Disable direct login to insecure http:// based sites
- Skip "site no longer available" messages in cron notifications
- Also see our news article about security enhancements
- Make sure site tasts in cron/scheduled process are not added multiple times if the addToCron process adds tasks faster than processCron deals with them.
- Fall back to HTTP_X_FORWARDED_FOR for client sites where proxies change the IP address of the request
- Full fix for tags being lost when updating client plugin. Problem was caused by a deficiency in JTable class where default store method loses the connection with the tags data.
Release 1.0.0 stable - 17 August 2018
- Added disabled extension information to list of extensions
- Allow option to backup before Joomla or extension update to be a site specific option by adding to the site details edit page
- Block attempt to backup before Joomla or extension update when Akeeba Backup is not installed
- Add minimum version of PHP 7 warning on server pages if using PHP 5.x
Release 1.0.0rc3 Release Candidate 3 - 9 August 2018
- Added installation message with links to documentation etc.
- Added getting started instructions on home page
- Finish implementation of server IP and domain checks when enabled in client plugin
- Fix for extension updates in 1.0.0rc2
Release 1.0.0rc2 Release Candidate 2 - 8 August 2018
New Features (User driven functional requests for stable release)
- Add support for RegularLabs DownloadId via YourSites config - no need to specify on each managed site directly. More vendors/extensions to be supported soon
- Distinguish between site being 'offline' in Joomla and really unavailable/offline with corresponding styling in site list
- Extensions needing updates count should not include blocked extensions
- Improved styling of notification emails
- Add extension filter to list of sites so you can find sites with specific extension installed
- Add "unable to unpack update package" message for extension updates that fail for this reason
- Fix for download of client package in Chrome Browser
- Fix for extension description translations causing JSON encoding problems when finding some extensions
- Language file corrections
- Correct picking up of default Joomla install username
- Use htaccess username/password during Joomla update where set for yoursites site
- Do not check index.php for site up - can cause problems with some AdminTools sites that redirect this to /
- Add FixTags method to Site Table to stop tags data being lost when saving NOT from a form submission
Release 1.0.0rc Release Candidate - 18 July 2018
- Add easy link to fetch new logo url
- Logo URL falls back to monochrome Joomla icon when no logo url is set or found
- Add default username to search for on client site for direct login when installing via Watchful
- Show message if no matching extensions when filtering list
- Add progress info to check extensions popup
- Add site check/is up button to action buttons
- Add specific page checks to site up checking - you can add URLs in the site detail that you want to check
- Add one click check that site is up next to site name/URL if its marked as down
- Hide backup buttons and actions when none of the listed sites have Akeeba backup installed
- Add PHP version warning - requires version 7.0.x of higher
- Cosmetic code changes required to pass JED extension checker
- Fix plugin version filter (you may need to check extensions for your sites before you see the correct results)
- Clarify max_execution_time warning message
Release 1.0.0beta - 10 July 2018
- Add support for automated backup generation via cronjob/scheduled task
- Add option to backup client site before Joomla upgrade
- Add option to backup client site before extension upgrades (when used on site specific basis i.e. only when upgrading extensions on ONE site at a time)
- Add notification intervals for checksiteup, checkcore and checkextensions (see cron article for more details)
- Add sorting by backup start date and akeeba backup version
- Display tags in site list view - but only if there are any used
- Allow dynamic tag creation
- Fixing a few php notices that caused problems
- Updated client plugin update instructions
- Add warning message if unable to set max_execution_time
- Add link to cron instructions document in config page description.
- Installation of Joomla via FTP now sets up client plugin as final step
- Add webpage->code != 200 error messages
- Better handling of logo url on sites in sub-directories
- Better error handling during registration of sites - suppressing php notices etc.
- Fixing a few php notices that caused problems
- Add JSON wrapper for output from client plugin - should reduce issues with client sites with system plugins that send headers/output too soon
Release 0.7.3 - 26 June 2018
- Add option in YourSites to disable direct login links to client sites - if set to disabled then this setting propogates when the YourSites client plugin is installed or upgraded
- Add option in YourSites client plugin to disable direct login links on specific site
- Capture favicon logo to display in list of sites.
- Workaround for Joomla change in 3.8.9 where helper file would not be found if folder is a symbolic link
- Add separate security tokens for each step of the Joomla upgrade
Release 0.7.2 - 25 June 2018
- Add flag on extensions table/list to allow blocking of extension updates for specific extension/site combination e.g. to allow no updates of paid extensions for client who hasn't paid etc.
- Graduated colours for latest backup display to show how out of date it is with ability to configure what an 'old backup' is
- Fix for creation of token tables on client site that was introduces in version 0.7.1 that may have stopped some checks from running. You should be able to just install the 0.7.2 client upgrade from YourSites to resolve the issue going forward.
- Where Akeeba is installed on client site but there is no backup available YourSites now displays Akeeba version number instead of ?
Release 0.7.1 - 20 June 2018
- Add secretkey support to cron/scheduled task execution
- Add extra check on security tokens to make sure they can only be used once - tokens are now stored in the client site database when they are generated and once they have been used they are deleted and cannot be reused. This eliminates the possibilty that a token can be reused by the server
- Cronjobs wouldn't work on some sites because of the way IP address checking was implemented
- Language file fixes
Release 0.7.0 - 20 June 2018
- Add cron based automated checks using either cli or webpage calls. Checks for Joomla and extension updates and if the client site is up. Frequency can be configured.
- Add support for Joomla tags on sites - sites can be filtered by tag
- Add support for Joomla custom fields on sites
- Checking Joomla Updates now brings in site information e.g. PHP version, DB version and sites can be filtered on these values
- Add support for uninstalling extensions
- Site action buttons are now grouped by type with differentiating background colours
- Add filter on sites page for sites with extensions needing updates
- Add information icons instead of blank spaces for missing data e.g. Akeeba backup column etc.
- Add CSV import of sites with example file
- Strip iframe tags from installation and update feedback messages
- Fixed installation of client script via Watchful.li - was not picking up base URL correctly so sometimes automated connection wouldn't work
- Download client script now resets the task on the list page so you can continue with other actions/searches
- Fix for root user id field
- Language file fixes missing translations
- Remove default values for root user is and password
- Fix initial plugin version showing as 0.6.6
Release 0.6.1 - 6 June 2018
- Action icons moved to left side panel that expands when mouse moves over it
- Add download id to support upgrades in the future
- Add client plugin status messages and explanations
- Update client package version number after upgrading
- Fix finding extension updates where sub-version numbers go beyond e.g. version 5.11.2 should be greater than 5.9.9
- Added sorting extensions by available version number
- Newly installed client sites should show coreversion in blue since we don't know if its up to date
- Add icons to show what to look for into language strings for plugin version warnings
- Correct edit toolbar button task
- Correct error message during core checking
- Add site updates type filtering to sites list
- Progress box title wasn't translated
- Language file tweaks
- Client install package was setting initial pluginversion to 0.6.6 instead of 0.6.6 - would be replaced when version check was undertaken so not a big problem and won't block us using version 0.6.1