GuardXT
Version
1.00.01 (last update on Nov 8, 2009)
Rating
Compatibility
Votes
Favoured
87
License
GPLv2 or later
Non-Commercial
Type
Views
57918
Date Added
13 January 2009
The "heart" of GuardXT is a file system check (best scheduled as a cron job), that regularly monitors changes of your files. Additionally various security checks may be performed (e.g. check Joomla configuration, PHP settings etc...).
The results are presented in an easy to use and understand interface and most security issues can be fixed immediately from the interface.
GuardXT consists of several modules:
* Security News: Receives the JoomlaXT security news and displays them in the admin component
* Version Check: Checks for latest version of Joomla! and GuardXT!
* File Guard: Checks your file system for changes, detects unsafe directory and file permissions.
* Configuration Check: Performs some basic checks of your Joomla configuration
Hi
I already tester this component in one working server. Basic scan all your folders and record the files and folder changes and send to you after a email.
Anyway the component have a problem with one of the row in the Mysql Database Tester with Mysql 5.1 . The system use InnDob and not MyIsam because that row is really very big in little time in case you like to restore at any time your Mysql Joomla database Joomla get in conflicts because that row. The solution is delete the rows manually of guardXt.
The idea is good but need more deployment
I already tester this component in one working server. Basic scan all your folders and record the files and folder changes and send to you after a email.
Anyway the component have a problem with one of the row in the Mysql Database Tester with Mysql 5.1 . The system use InnDob and not MyIsam because that row is really very big in little time in case you like to restore at any time your Mysql Joomla database Joomla get in conflicts because that row. The solution is delete the rows manually of guardXt.
The idea is good but need more deployment
This component has a lot of potential, and provides some very much needed functions. I very much like what it is attempting to implement. However, there are a couple of things which make it impossible for me to use at this point.
The first is that it appears to consume enormous amounts of memory. This is a problem in most hosting provider situations, including my own. I have well over 20000 files in my Joomla installation - I expect that has something to do with it. I configured my php memory as large as I could make it and was able to complete an initialization run (it wanted to allocate over 200MB). But I could not complete a check run. For this component to be most useful, it needs to be runnable within the memory constraints of the typical hosting provider.
The other area I found to be an issue is the file permissions check, which insists on flagging anything that is not 644. This function needs to be configurable - for example perhaps taking a mask in the settings. I really don't care about files that are 744, 755, etc. What I do care about are files that are 666, 777, etc. And with over 20000 files, it is a challenge to wade through when pretty much everything gets flagged.
All in all, while I am unable to use at this time due to the memory issues, I look forward to updates which overcome the above issues so I can use this component on my live site. Once refined, guardXT will be very helpful in keeping my site safe from hackers.
I'll keep my eye out for updates!
The first is that it appears to consume enormous amounts of memory. This is a problem in most hosting provider situations, including my own. I have well over 20000 files in my Joomla installation - I expect that has something to do with it. I configured my php memory as large as I could make it and was able to complete an initialization run (it wanted to allocate over 200MB). But I could not complete a check run. For this component to be most useful, it needs to be runnable within the memory constraints of the typical hosting provider.
The other area I found to be an issue is the file permissions check, which insists on flagging anything that is not 644. This function needs to be configurable - for example perhaps taking a mask in the settings. I really don't care about files that are 744, 755, etc. What I do care about are files that are 666, 777, etc. And with over 20000 files, it is a challenge to wade through when pretty much everything gets flagged.
All in all, while I am unable to use at this time due to the memory issues, I look forward to updates which overcome the above issues so I can use this component on my live site. Once refined, guardXT will be very helpful in keeping my site safe from hackers.
I'll keep my eye out for updates!
Overall I am impressed.
I ran a quick security test within my new web site to check the robustness of GuardXT - considering its design parameters.
Once I configured GuardXT, I created “testthis.php” in the administrator folder outside of the Joomla! Native environment. I assigned 766 to this file and changed the “index.php” from its current settings to, 766, and then reran the GuardXT.
GuardXT caught the index.php like I expected, but I was also pleasantly surprised when I saw the “testhis.php” in the alerts as well. Remember, this testthis.php file is in a folder completely unrelated to Joomla!
Simply, this clearly indicates that GuardXT script will scan all the files independent of Joomla!
Good job GuardXT!
I ran a quick security test within my new web site to check the robustness of GuardXT - considering its design parameters.
Once I configured GuardXT, I created “testthis.php” in the administrator folder outside of the Joomla! Native environment. I assigned 766 to this file and changed the “index.php” from its current settings to, 766, and then reran the GuardXT.
GuardXT caught the index.php like I expected, but I was also pleasantly surprised when I saw the “testhis.php” in the alerts as well. Remember, this testthis.php file is in a folder completely unrelated to Joomla!
Simply, this clearly indicates that GuardXT script will scan all the files independent of Joomla!
Good job GuardXT!
Reading the reviews etc, this extension sounds very promosing, however it failed to run on our deployment.
Fatal error: Maximum execution time of 30 seconds exceeded in libraries/joomla/database/table.php on line 847
We will do some research and post an update, in case others see this.
Dont be put off though, this is well worth trying.
Fatal error: Maximum execution time of 30 seconds exceeded in libraries/joomla/database/table.php on line 847
We will do some research and post an update, in case others see this.
Dont be put off though, this is well worth trying.
First of all, what does it do?
Security News: Summarizes security news headers, which are clickable. No feeds nor email subscription needed, just goto guardxt main screen.
Version check: Checks the version of Joomla, of Guardxt and installed components. Great to see a summary of which components need upgrade.
File Guard: Checks permissions, and can set permissions (only 644 and 755), also does a file comparison of what file's have changed.
Joomla Server Configuration Check: Checks how some security settings are defined. Like is default admin active, is configuration file writable etc. This sorta also gives you hints on what to change (make the red light, green ;-))
PHP Checks: Checks how the global php.ini file in configured. Has the ability to start a wizard for local php.ini
Installed like a charm, very easy to use, nice lay-out. A must have for every joomla site. It gives you an overview of the more important security settings!
Security News: Summarizes security news headers, which are clickable. No feeds nor email subscription needed, just goto guardxt main screen.
Version check: Checks the version of Joomla, of Guardxt and installed components. Great to see a summary of which components need upgrade.
File Guard: Checks permissions, and can set permissions (only 644 and 755), also does a file comparison of what file's have changed.
Joomla Server Configuration Check: Checks how some security settings are defined. Like is default admin active, is configuration file writable etc. This sorta also gives you hints on what to change (make the red light, green ;-))
PHP Checks: Checks how the global php.ini file in configured. Has the ability to start a wizard for local php.ini
Installed like a charm, very easy to use, nice lay-out. A must have for every joomla site. It gives you an overview of the more important security settings!
Looks very good, installed it to try it out - only downside is when you uninstall, it leaves all the database tables in joomla, which is great for upgrading, no good for uninstalling - a utility to do a clean uninstall would be useful - any chance of that?
or can you just remove the:
jos_guardxt_config
jos_guardxt_files
jos_guardxt_hash
jos_guardxt_runs
through myPHPadmin ?
or can you just remove the:
jos_guardxt_config
jos_guardxt_files
jos_guardxt_hash
jos_guardxt_runs
through myPHPadmin ?
Component are very powerful, handle (in my case) more then 25 000 files on one server, no any conflicts with other modules/plugins at all, no any js library conflicts (Jquery, mootools, etc), MUST HAVE for any serious Joomla! developer.
Really thanks to autor!
Really thanks to autor!
Installed like a breeze, did exactly what it was suppose to do. Right off the top let me know that J!1.5.9 was out, which I hadn't noticed yet. It linked me right to the download page so I didn't have to surf around looking for the update. The 3rd party component checking device doesn't list what the most current version is, but it does link what version I have and provide a link to the developers home page, making updating much easier. The checks of the file system and joomla core system pointed out permission errors and security enhancements I could make (and did). This is probably the best COM I've downloaded in 6 months.
