RS Firewall

Version 2.11.21

    Updated - IP address is now included in the subject of the email alerts.
    Fixed - Table Views are no longer checked in the Database Check because they will halt the check.
    Fixed - In some cases disable_functions was not returning the correct count.


Version 2.11.18

    Fixed - In some rare cases, a MySQL warning would show up in the logs if BINLOG_FORMAT was set to STATEMENT.
    Fixed - SimplePie User Agent was incorrectly triggering the Dangerous User Agent protection
Version 2.11.17

    Fixed - An error would occur in the Blacklist/Whitelist area when adding a range or a CIDR IP in the lists.


Version 2.11.16

    Added - Can specify new System Check options: Max retries, Pause between retries, toggle MD5 Signatures DB off.
    Fixed - In some cases the Control Panel Module would timeout due to request parallelization.


Version 2.11.15

    Fixed - In some cases country flags were not showing up correctly next to IPs.
    Fixed - IPv6 lookups could lead to malformed URLs due to an incorrect encoding.


Version 2.11.14
Fixed - Changing a protected user could generate a Fatal Error if information was stored incorrectly in the database.


Version 2.11.13
Fixed - In some cases, emails that were converted to images were disrupting the HTML markup.

Version 2.11.12
Added - Joomla! 3.8.5 hashes.
Fixed - Update Code was incorrectly reset when uploading a new configuration.


Version 2.11.10
Updated - Malware database updated.
Updated - Can now grab IP from Cloudflare and Incapsula supplied headers.
Updated - Non-core extensions no longer show up as missing when running the System Check.

20 Sep 2017
Version 2.11.9

Added - Joomla! 3.8.0 hashes.
Updated - Malware database updated with ~10.000 hashes.
Fixed - Uninstalling did not remove the Installer Plugin.
Fixed - signatures.data.sql files are now deleted because they were causing some hosting provider virus scanners to go off.
18 May 2017
Version 2.11.8

Updated - No longer recommending disable_functions to include phpinfo and show_source.
Updated - System Check now recommends expose_php to be Off.
Updated - Some more explanations in the 'Server Configuration' area.
Fixed - 'Log all blocked events' would not take the 'Mozilla' User Agent into account.
Fixed - The #__rsfirewall_offenders table was not being pruned causing this table to reach a large size.
04 Apr 2017
Version 2.11.7

Updated - Can now remove Mozilla from 'Deny access to the following User Agents' section.
Updated - System Check will now display the file modification time for core modified files and malware.
Updated - Lockdown options have been moved to a separate tab for better visibility in the Configuration area.
Updated - System Check now identifies dot files as suspicious (except .htaccess, .htpasswd, .htusers, .htgroups)
Fixed - Google API key errors no longer intrerrupt the System Check.
13 Feb 2017
Version 2.11.6

Updated - Malware database updated.
Fixed - Saving the configuration.php file was not changing permissions back to 0444.
Fixed - mod_rsfirewall will no longer trigger the AJAX requests in parallel.
Fixed - Cyprus was erroneously set in Asia.
Fixed - Various language improvements.
29 Nov 2016
Version 2.11.5

Fixed - Scanning for malware AJAX response could be scrambled by an incorrect encoding of a malware pattern.
31 Oct 2016
Version 2.11.4

Updated - Malware database was updated.
Updated - More thorough check for Joomla! < 3.6.4 vulnerability.
Fixed - In some cases, GeoIPv6 functions might throw an error.
06 Oct 2016
Version 2.11.3

Fixed - Checking for the GeoIP v6 file was not working correctly.
28 Sep 2016
Version 2.11.2

Fixed - In some cases when using reverse proxies, the REMOTE_ADDR variable contained multiple IPs and threw an error.
Fixed - GeoIP was incorrectly initialized when not enabled.
Fixed - Google Safe Browsing error messages are now displayed to provide more details.
07 Sep 2016
Version 2.11.1

Updated - IPv6 GeoIP database support.
Updated - Improved Country Blocking interface initial setup.
Updated - Google Safe Browsing API updated to v4.
Updated - Malware database updated.
Fixed - Permissions were not being saved correctly due to Joomla! changes since 3.6.0.
Fixed - Denied referers were not recorded in the System Logs even with 'Log all blocked attempts' set to 'Yes'.
05 Aug 2016
Version 2.11.0

Added - Map of blocked attacks in the System Overview area.
Updated - Malware database updated.
Updated - Replacing email addresses with images has been re-worked to reduce page load.
Updated - More information shown when a protected user change has been attempted.
Fixed - No longer allows you to delete files from your Temporary Folder if it's incorrectly set and contains your website's folder.
Fixed - System Logs was becoming slow due to missing indexes on tables.
09 May 2016
Version 2.10.2

Updated - A log entry will be created when a change is attempted on a protected user.
Updated - A log entry will be created when the creation of a new administrator is blocked.
Updated - Malware database updated.
Fixed - Old log entries were not deleted according to the settings.
01 Apr 2016
Version 2.10.1

Added - Check your website's status in Google Safe Browsing lists.
Added - View and remove files that have been ignored during the System Check through "Accept changes".
Updated - Malware database updated.
19 Feb 2016
Version 2.10.0

Added - Built-in exceptions for com_plugins, com_templates, com_modules
Updated - Show number of files (hashes) modified or missing from your Joomla! installation.
Updated - Can overwrite modified files or add missing files straight from the Joomla! repository.
Updated - Malware database updated.
Fixed - If no signatures are present an error messages is shown during the System Check scan.
Fixed - 'Error! is not a valid folder' message rewritten to make more sense.
Fixed - Creating php.ini: open_basedir value could have contained empty paths in some cases.
Fixed - Creating php.ini: open_basedir did not return the correct session.save_path.
Fixed - Checking temporary files might not have listed files in some cases.
25 Jan 2016
Version 2.9.7

Added - View contents of files tagged as malware directly from the System Check area.
Updated - Malware database updated.
Fixed - Invalid data could be stored when activating 'Protect the following users from any changes'
21 Jan 2016
Version 2.9.6

Updated - Notification emails now contain the 'Debug information' as well.
Updated - System Check now ignores folders it cannot access rather than stopping.
Fixed - System Check could not be completed when encountering a symbolic link pointing back to the Joomla! root.
22 Dec 2015
Version 2.9.5

Fixed - Reverted some functions so that Joomla! 2.5 is still supported.
22 Dec 2015
Version 2.9.4

Updated - File paths in the Ignore files and Monitor files section are now stored with relative paths when backing up.
Updated - Can choose if you want to keep the Update Code from the configuration.json.
Fixed - Converting email addresses to images displayed a PHP Notice in some cases.
21 Dec 2015
Version 2.9.3

Added - System Check now checks if the Session Handler is set to 'Database' and issues a warning.
Added - Select which headers to check for the real IP if server behind proxy (wasn't configurable until now).
Updated - Can now filter based on Blocked status in the System Logs area.
Updated - Debug information in System Logs hidden by default - a 'Show' button has been added to display it.
Fixed - Session injection protection did not automatically blacklist IPs.
Fixed - Language strings in the mod_rsfirewall module were not loaded if the System Plugin was disabled.
Fixed - In some cases, the System Check would write a log even if the option was disabled.
Fixed - Converting email addresses to images did not work with new (long) domain extensions.
16 Dec 2015
Version 2.9.2

Updated - Further improvements to session injection vulnerability prevention.
15 Dec 2015
Version 2.9.1

Updated - User Agent Blacklist updated to prevent Joomla! session vulnerability.
Updated - Malware database updated.
11 Dec 2015
Version 2.9.0

Added - Can now view differences in modified core Joomla! files.
Added - Ability to deny referers by specifying the domain name.
Added - Export & import configuration data.
Added - Download System Logs in CSV format.
Updated - Country Flags are now displayed on the Blackist/Whitelist page.
Updated - Visually improved Backend Login and Forbidden views.
Updated - Backend Login and Forbidden views can be overrided through the template now.
Updated - No longer checking 'register_globals' and 'safe_mode' on PHP 5.4 and newer.
Updated - System Check last run time is now recorded.
Updated - Small interface improvements.
Updated - New malware signatures added to the database.
Fixed - Updating the component did not run the necessary queries when using MySQL (PDO).
22 Sep 2015
Version 2.8.14

Fixed - Add to Blacklist and Add to Whitelist buttons from the System Logs area were not working correctly.
30 Jul 2015
Version 2.8.13

Fixed - Backend login CAPTCHA no longer appeared due to a HTML change in the mod_login layout.
03 Jul 2015
Version 2.8.12

Added - Hashes for Joomla! 3.4.3
01 Jul 2015
Version 2.8.11

Added - Hashes for Joomla! 3.4.2
29 Jun 2015
Version 2.8.10

Added - Joomla! updates integration.
Fixed - Clicking on countries in the Country Block area did not work on Google Chrome and Internet Explorer.
25 May 2015
Version 2.8.9

Fixed - Blacklisting no longer worked if a wrongfully added IP range was present in the database.
21 May 2015
Version 2.8.8

Added - Ability to select a continent to block.
Updated - Malware signature database.
15 May 2015
Version 2.8.7

Updated - 'Automatic blacklisting for /administrator login' is now independent of the 'Automatic blacklisting' option.
Updated - 'Enable CAPTCHA' is now independent of the 'Automatic blacklisting for /administrator login' option.
Fixed - Dashboard message that a file has been modified persisted even after replacing the file with the correct version.
Fixed - Logging in successfully now resets the number of login attempts to 0.
Fixed - 'Monitor the following files for changes' was not being loaded correctly from the Configuration.
Fixed - When using a PDO MySQL database an error was thrown.
Fixed - Longer texts in the System Logs areas were showing outside of their bounding area.
04 Mar 2015
Version 2.8.6

Added - Hashes for 3.4.0
Added - Hashes for 2.5.28
Fixed - Due to this Joomla! 3.4.0 issue uploading the GeoIP.dat.gz file did not work anymore.
03 Mar 2015
Version 2.8.5

Fixed - The backend sidebar on Joomla! 3.4 was not showing correctly.
03 Feb 2015
Version 2.8.4

Added - Whois service for IPv4 can now be configured instead of the default 'http://whois.domaintools.com'.
Added - A separate Whois service for IPv6 can now be configured.
Added - Warning message shows up when 'Disable the creation of new Administrators' is active and you're editing a user in User Manager.
Updated - Logging more events (if it's enabled) when performing the System Check to aid during debugging.
Fixed - In some cases, the JSON result returned by the System Check couldn't be decoded.
Fixed - Country Flag did not appear in the System Overview page.
Fixed - Country Flag did not appear in the RSFirewall! Control Panel Module.
14 Jan 2015
Version 2.8.3

Fixed - 'System Overview' graph wasn't showing properly.
Fixed - 'Protect the following users' was creating duplicate users when the user didn't exist.
Fixed - 'Protect the following users' was throwing a 'JUser::_load unable to load user' error when the user didn't exist.
06 Dec 2014
Version 2.8.2

Updated - Malware database has been updated with new signatures.
Updated - Rewrote 'System Plugin is disabled' message and added suggestions to fix.
Updated - 'Ignore files and folders' and 'Monitor the following files for changes' width increased.
Fixed - Resolved a '500 View not found' error in frontend.
28 Nov 2014
Version 2.8.1

Fixed - Solved an incompatibility with PHP 5.2 when enabling 'Protect forms from abusive IPs'.
27 Nov 2014
Version 2.8.0

Added - Hashes can now be downloaded straight from our update server without installing a new version of RSFirewall!.
Fixed - Scanning the integrity of files no longer works on development releases (such as alpha versions of Joomla!).
Fixed - Scanning could not finish no longer shows up when you're missing hashes for your version.
Fixed - Detecting invalid inclusions (CryptoPHP) in PHP scripts (in the Checking for malware step) was too sensitive.
18 Nov 2014
Version 2.7.5

Updated - Database Check now only performs tasks on MyISAM tables.
Updated - Checking for malware now detects invalid file inclusions in PHP scripts.
Updated - A warning message pops up when attempting to navigate away when the System Check is still in progress.
07 Nov 2014
Version 2.7.4

Updated - System Overview graph has been optimized for use with large datasets.
30 Oct 2014
Version 2.7.3

Updated - Installation no longer sets MyISAM as the default storage engine for new tables.
Fixed - When incorrect IPs were present in the Blacklist new IPs could no longer be banned through the administration.
27 Oct 2014
Version 2.7.2

Updated - Small coding style improvements.
Updated - Checking if an IP is a search engine bot now uses the more reliable 'Net_DNS2' library.
Fixed - RSFirewall! Control Panel Module now loads jQuery from the Joomla! 3.x framework.
Fixed - System Check was not able to finish when files in the root were being ignored.
23 Oct 2014
Version 2.7.1

Updated - Servers that natively support GeoIP but don't have the database installed now display a message.
Updated - 'Check All' from 'Country Blocking' now behaves more intuitively.
Fixed - System Check was throwing an error when checking for weak passwords due to the assets table being corrupted.
Fixed - Admin users were not showing up in the 'Lockdown' section when the assets table was corrupted.
Fixed - In some cases, Google or MSN Bot verification would issue a warning.
15 Oct 2014
Version 2.7.0

Added - Added spam protection for forms (can be enabled in Firewall Configuration - Active Scanner).
Added - Added support for IPv6.
Added - Added support for CIDR notation and IP ranges.
Added - 'File Manager' (from Firewall Configuration > System Check) now displays file size and permissions.
Added - IPs can now be blocked easier straight from the 'System Logs' area.
Added - IPs can now be whitelisted from the 'System Logs' area.
Updated - False positive results in 'Malware check' can be instantly ignored by clicking a button.
Updated - If GeoIP is available, a country flag is shown next to each IP in the 'System Logs'.
Updated - 'Bing Bot' is now whitelisted by default.
Updated - 'Malware check' improved - checks for rogue files in the Joomla! root as well as other folders that shouldn't contain PHP files.
Updated - No longer recommending 'allow_url_fopen' to be disabled since it caused issues with the Joomla! auto-updater.
Updated - No longer recommending placing 'configuration.php' outside root since it proved to bring minimal benefits at the cost of modifying core files.
Updated - GeoIP.dat.gz can now be uploaded and will be decompressed automatically.
Updated - Hosting server's IP can no longer be blacklisted.
Fixed - Using a broken GeoIP database no longer renders website unusable.
Fixed - Worked around bug in Joomla! 3 that prevented the action dropdown (in item listing) from functioning correctly.
Fixed - Clicking 'Accept changes' for modified Joomla! core files wasn't disabling the checkboxes.
14 Oct 2014
Version 2.6.7

Fixed - jQuery is now loaded from the Joomla! 3 framework.
01 Oct 2014
Version 2.6.6

Added - Added hashes for Joomla! 2.5.27, 3.2.7 and 3.3.6
01 Oct 2014
Version 2.6.5

Added - Added hashes for Joomla! 2.5.26, 3.2.6 and 3.3.5
24 Sep 2014
Version 2.6.4

Added - Added hashes for Joomla! 2.5.25, 3.2.5 and 3.3.4
12 Sep 2014
Version 2.6.3

Updated - During configuration.php integrity check, configuration.php location is based on where JConfig has been initialized.
Updated - jQuery (loaded in Joomla! 2.5) updated to v1.11.1
Fixed - Deprecated jQuery function calls have been replaced.
Fixed - System Check could not finish due to a redirect caused by MightySites - added workaround.
Fixed - Domain (host) added as built-in exception for JS inclusion in order to avoid false positives during Malware check.
02 Sep 2014
Version 2.6.2

Fixed - RSFirewall! still asked for the GeoIP.dat file to be uploaded even if the server had native GeoIP support.
28 Aug 2014
Version 2.6.1

Fixed - Typo in function name and proper escaping of 'Pause between requests' value.
27 Aug 2014
Version 2.6.0

Updated - Improved detection of base64 encoded strings during the System Check.
Updated - When XDebug is enabled in PHP, the System Check is no longer available.
Updated - Joomla! and RSFirewall! version checking now uses caching.
Added - A timeout can now be set between requests during the System Check.
Added - 'Google bot' is now whitelisted internally.
Fixed - IPs are now trimmed of extra spaces.
Fixed - Slightly improved error messages when the System Check failed.
Fixed - When the System Check fails, the grade is no longer calculated.
Fixed - System Check might have been flagged as a bruteforce attack by some server firewalls because it posted requests to 'index.php'.
25 Jul 2014
Version 2.5.12

Added - Hashes for Joomla! 2.5.24
Added - Hashes for Joomla! 3.3.3
25 Jul 2014
Version 2.5.11

Added - Hashes for Joomla! 2.5.23
Added - Hashes for Joomla! 3.3.2
23 Jul 2014
Version 2.5.10

Fixed - "# emails per hour" was not being used correctly.
16 Jun 2014
Version 2.5.9

Added - Ability to specify default file and folder permissions.
13 Jun 2014
Version 2.5.8

Added - Hashes for Joomla! 2.5.22
13 Jun 2014
Switched to new version mode.

12 Jun 2014
Rev 57

Added - Hashes for Joomla! 2.5.21
Added - Hashes for Joomla! 3.3.1
Added - Hashes for Joomla! 3.2.4
05 May 2014
Rev 56

Added - Hashes for Joomla! 2.5.20
Added - Hashes for Joomla! 3.3.0
Added - Option to log System Check to a file.
Added - Option to log all RSFirewall! blocked attempts.
Fixed - Large PHP files are now skipped from the Malware check.
06 Mar 2014
Rev 55

Added - Hashes for Joomla! 2.5.19
Added - Hashes for Joomla! 3.2.3
Fixed - Multiple IPs through proxy were not detected correctly.
07 Feb 2014
Version Rev 54

Added - Hashes for Joomla! 2.5.18
Added - Hashes for Joomla! 3.2.2
18 Dec 2013
Version Rev 53 - Joomla! 2.5/3.x only

Added - Hashes for Joomla! 2.5.17
Added - Hashes for Joomla! 3.2.1
Fixed - RSS Feeds handling has been rewritten.
Fixed - Limit for RSS Feeds items wasn't being used.
07 Nov 2013
Rev 52 - Joomla! 2.5/3.x only

Added - Hashes for Joomla! 2.5.15
Added - Hashes for Joomla! 2.5.16
Added - Hashes for Joomla! 3.1.6
Added - Hashes for Joomla! 3.2.0
Fixed - Checking for weak passwords during System Check did not work on 3.2.0.
Fixed - Added a few exceptions for some false positives during System Check.
02 Aug 2013
Rev 51 - Joomla! 2.5/3.x only

Added - Joomla! 2.5.14 hash files
Added - Joomla! 3.1.5 hash files
26 Jul 2013
Rev 50 - Joomla! 2.5/3.x only

Added - Joomla! 2.5.13 hash files
Added - Joomla! 3.1.4 hash files
Fixed - Worked around JView bug introduced in Joomla! 3.1.2 and upwards
29 Apr 2013
Rev 49 - Joomla! 2.5/3.x only

Added - Joomla! 2.5.11 hash files
Added - Joomla! 3.1.1 hash files
25 Apr 2013
Rev 48 - Joomla! 2.5/3.x only

Updated - Malware database
Added - Joomla! 2.5.10 hash files
Added - Joomla! 3.1.0 hash files
Added - Joomla! 3.0.4 hash files
Fixed - System Check was looping in some cases
05 Feb 2013
Rev 47 - Joomla! 2.5/3.x only

Added - Joomla! 2.5.9 hash files
Added - Joomla! 3.0.3 hash files
Added - PHP 5.2 compatibility (we still recommend 5.3)
Fixed - Getting an IP behind a proxy is now more reliable
09 Nov 2012
Rev 46 - Joomla! 2.5/3.x only

Added - Joomla! 2.5.8 hash files
Added - Joomla! 3.0.2 hash files
Fixed - Multiple issues found in R45
Fixed - Workaround for version checking on 2.5.x
Fixed - Accept changes for missing files
06 Nov 2012
Rev 45 - Joomla! 2.5/3.x only

Joomla! 3.0 compatibility (including responsive design & bootstrap compatibility)
Refactored code to use less resources
Completely rewritten the System Check, providing a smoother, less resource intensive experience
Database Check has been rewritten to work only on MySQL servers
System Logs are now showing more information
Firewall Configuration now provides more detailed options
The RSFirewall! Control Panel Module has been rewritten
Grade computing logic has been changed
System Overview now includes a visual graph of the latest attacks
Lockdown has now been split into three separate options
Ability to create exceptions with several filtering options available
Permissions check no longer runs on Windows servers
Password strength didn't work on Joomla! 2.5
Failed login attempts are now only being triggered on Joomla! logins only
14 Sep 2012
Rev 44

Added - Joomla! 2.5.7 hash files
28 Jun 2012
Rev 43

Updated - Missing language translations are now reverted to en-GB
Updated - Backend CAPTCHA is now disabled automatically if it cannot be shown (in 3rd Party Administrator Templates)
Updated - mod_rsfirewall now uses layout overrides
Added - Bulk adding to Blacklist/Whitelist
Added - Automatic blacklisting for failed /administrator login attempts
Added - Ability to disable backend CAPTCHA
Fixed - Auto blacklisting did not add the date when the ban was added
20 Jun 2012
Rev 42

Updated - Protections are no longer triggered for IPs in the Whitelist
Updated - Improvements when loading the RSFirewall! configuration
Added - Country blocking
Added - Blacklist/Whitelist management
Added - Ability to automatically add to blacklist repeat offenders
Added - Ability to limit the number of log emails to be sent within an hour
20 Jun 2012
Rev 41

Added - Joomla! 2.5.6 hash files
19 Jun 2012
Rev 40

Added - Joomla! 2.5.5 hash files
02 Apr 2012
Rev 39

Added - Joomla! 2.5.4 hash files
Fixed - Minor installation issue with Joomla! 2.5
Fixed - Joomla! 2.5 generator tag was not being removed
28 Mar 2012
Rev 38

Added - Joomla! 1.5.26 hash files
15 Mar 2012
Rev 37

Added - Joomla! 2.5.3 hash files
Added - Basic Joomla! 2.5 ACL support
06 Mar 2012
Rev 36

Added - Joomla! 2.5.2 hash files
Removed - Joomla! 1.6.x hash files
Fixed - Throwing false alerts from Google tracking links
Fixed - IP was not detected correctly when using proxies
03 Feb 2012
Rev 35

Added - Joomla! 2.5.1 hash files
25 Jan 2012
Rev 34

Added - Joomla! 2.5.0 hash files
14 Nov 2011
Rev 33

Added - Joomla! 1.7.3 hash files
Added - Joomla! 1.5.25 hash files
18 Oct 2011
Rev 32

Added - Joomla! 1.7.2 hash files
Added - Joomla! 1.5.24 hash files
Fixed - mod_rsfirewall was not displaying the correct image ratio
27 Sep 2011
Rev 31

Added - Joomla! 1.7.1 hash files
28 Jul 2011
Rev 30

Added - Joomla! 1.6.6 hash files
20 Jul 2011
Rev 29

Added - Joomla! 1.7.0 stable hash files
12 Jul 2011
Rev 28

Added - Joomla! 1.6.5 hash files
29 Jun 2011
Rev 27

Updated - Joomla! 1.7 compatbile
Added - Warnings when using 1.7 development version
Added - Joomla! 1.7.0 (beta1) hash files
Fixed - Tooltips in overview screen
Fixed - Looping error during System Check on 1.7
Fixed - Uninstall not removing the RSFirewall! System Plugin on 1.6
28 Jun 2011
Rev 26

Added - Joomla! 1.6.4 hash files
19 Apr 2011
Rev 25

Added - Joomla! 1.6.3 hash files
15 Apr 2011
Rev 24

Added - Joomla! 1.6.2 hash files
Updated - Skipping default Joomla! 1.6 templates (administrator and frontend)
05 Apr 2011
Rev 23

Added - Joomla! 1.5.23 hash files
08 Mar 2011
Rev 22

Added - Joomla! 1.6.1 hash files
Fixed - Some admin users were not being detected correctly
21 Dec 2010
Rev 21

Updated - Joomla! 1.6 compatible
Added - Joomla! 1.6.0RC1 hash files
Fixed - Improved SQL injection detection
Fixed - Improved Shell detection
Fixed - Improved LFI detection
Fixed - The check if the "admin" user is active now takes into account if the user is blocked
Fixed - Using native functions to check if the RSFirewall! plugin is enabled
Fixed - W3C Validator is now able to connect to a RSFirewall! protected website
Fixed - Email cloaking not working correctly
05 Nov 2010
Rev 20

Added - Joomla! 1.5.22 hash files
11 Nov 2010
Rev 19

Updated - Additional backend password has been rewritten, works on all servers and provides a nicer layout
Updated - SEF support detects 3rd Party SEF components as well
Added - Joomla! 1.5.21 hash files
Added - Database Check
Added - During System Check, the current folder is shown
Added - Check for .htaccess in your Joomla! root
Added - Number of files/folders to check in the System Check
Added - Ability to ignore folders/files during System Check
Fixed - System Check no longer hangs, it skips to the next available step
Fixed - Directories with slashes were hanging the System Check
29 Jul 2010
Rev 18

Improved - XSS attacks filtering
Improved - LFI "controller" injection detection
19 Jul 2010
Rev 17

Added - Joomla! 1.5.20 hash files
16 Jul 2010
Rev 16

Added - Joomla! 1.5.19 hash files
16 Jun 2010
Rev 15

Added - Protection against common malware User-Agents
Added - A few more passwords for strength test
Fixed - The module now uses Ajax calls to connect to the server to avoid timing out in the Administrator area
31 May 2010
Rev 14

Added - Joomla! 1.5.18 hash files
11 May 2010
Rev 13

Added - SEF check
Added - Session Lifetime check
Added - FTP password check
Fixed - JavaScript bug when running the System Check a second time
Fixed - RSFirewall! Administrator module overlapping in IE8
Fixed - CSS issue with grade icon in IE
Fixed - No longer throwing a fatal error if the helper file is missing
Fixed - Rewrote installation procedure
28 Apr 2010
Rev 12

Added - Joomla! 1.5.17 hash files
26 Apr 2010
Rev 11

Added - Joomla! 1.5.16 hash files
Added - Extra message in PHP fix
Fixed - Moved malware signatures to database in order to prevent server antivirus software to identify RSFirewall! as a false positive
Fixed - CSS issue with missing background image
Fixed - PayPal no longer being blocked as DoS attack
05 Nov 2009
Rev 10

Added - Joomla! 1.5.15 hash files
03 Nov 2009
Rev 9

Added - Cleaning backdoored versions of Jumi
Fixed - Accept change bug
29 Sep 2009
Rev 8

Added - Warning message for old version of Internet Explorer users
Fixed - System Check Javascript to work with Internet Explorer 8
24 Sep 2009
Rev 7

Added - Ability to show CAPTCHA after a number of unsuccessful login attempts
Added - Ability to ignore modified/missing files during System Check
Added - Logging unsuccessful attempts to login into the backend
Added - Password strength tester in com_users
Fixed - Redone the System Check to use multiple ajax threads instead of a single one
Fixed - Various fixes when generating php.ini
Fixed - com_frontpage was not showing up in the list of allowed components
Fixed - Wrong md5 calculated in the System Overview when a modified Joomla! file was detected
Fixed - DoS protection and converting emails to images still ran even with Active Scanner disabled
Fixed - SQL protection was flagging a legitimate server query as an injection in a special situation
Fixed - If a component/module or default template has been uninstalled it should not be checked
Fixed - Wrong language loaded when sending emails
Fixed - The file and folder permissions grade was not correctly calculated
Fixed - Using $JSession->set() to store data instead of $mainframe->setUserState()
Fixed - No more stripping slashes on Windows servers
Fixed - Improved the System Check URL recorded in the System Log
03 Aug 2009
Rev 6

Fixed - Results are now truncated to save server memory
Fixed - Optimized the checking for file and folder permissions to use less memory
Fixed - Optimized the checking for malware patterns to use less memory
Fixed - Version compare now ignores "rebranded" Joomla! versions such as "1.5.14 DutchJoomla"
31 Jul 2009
Rev 5

Added - Joomla! 1.5.14 hash files
Fixed - If Backend Access Control is enabled and there are no users selected, by default all users are allowed so you don't lock yourself out
Fixed - No more stripping HTML from passwords
23 Jul 2009
Rev 4

Added - Joomla! 1.5.13 hash files
Fixed - Language file wasn't loaded correctly in a special situation
14 Jul 2009
Rev 3

Added - Ability to generate images instead of plain text email addresses
Fixed - Not showing modified files in the Overview
Fixed - The RSFirewall! Grade did not show up in the module correctly
Fixed - The RSFirewall! Grade would give very high scores when having a few files or folders with wrong permissions
Fixed - Throwing errors when $_REQUEST contained an object or resource
Fixed - addslashes() escaping quotes with quotes instead of backslashes
01 Jul 2009
Rev 2

Added - Joomla! 1.5.12 hash files
Added - Removal of the generator meta tag from your Joomla! template
Added - Website grading system (computing a security score based on your website's security)
Added - System Log entry when running the System Check
Fixed - Minor memory optimizations