| Current File : /home/pacjaorg/.trash/administrator/components/com_admintools/sql/xml/postgresql.xml |
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ @package admintools
~ @copyright Copyright (c)2010-2020 Nicholas K. Dionysopoulos / Akeeba Ltd
~ @license GNU General Public License version 3, or later
-->
<schema>
<!-- Metadata -->
<meta>
<!-- Supported driver types -->
<drivers>
<driver>postgres</driver>
<driver>postgresql</driver>
</drivers>
</meta>
<!-- SQL commands to run on installation and update -->
<sql>
<!-- Create the #__admintools_acl table if it's missing -->
<action table="#__admintools_acl" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_acl" (
"user_id" bigint NOT NULL,
"permissions" text,
PRIMARY KEY ("user_id")
);
]]></query>
</action>
<!-- Create the #__admintools_adminiplist table if it's missing -->
<action table="#__admintools_adminiplist" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_adminiplist" (
"id" serial NOT NULL,
"ip" character varying(255) DEFAULT NULL,
"description" character varying(255) DEFAULT NULL,
PRIMARY KEY ("id"),
CONSTRAINT "#__admintools_adminiplist_ip" UNIQUE ("ip")
);
]]></query>
</action>
<!-- Create the #__admintools_badwords table if it's missing -->
<action table="#__admintools_badwords" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_badwords" (
"id" serial NOT NULL,
"word" character varying(255) DEFAULT NULL,
PRIMARY KEY ("id"),
CONSTRAINT "#__admintools_badwords_word" UNIQUE ("word")
);
]]></query>
</action>
<!-- Create the #__admintools_customperms table if it's missing -->
<action table="#__admintools_customperms" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_customperms" (
"id" serial NOT NULL,
"path" character varying(255) NOT NULL,
"perms" character varying(4) DEFAULT '0644',
PRIMARY KEY ("id")
);
]]></query>
<query canfail="1"><![CDATA[
CREATE INDEX "#__admintools_customperms_path" ON "#__admintools_customperms" ("path");
]]></query>
</action>
<!-- Create the #__admintools_filescache table if it's missing -->
<action table="#__admintools_filescache" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_filescache" (
"admintools_filescache_id" serial NOT NULL,
"path" character varying(2048) NOT NULL,
"filedate" int NOT NULL DEFAULT '0',
"filesize" int NOT NULL DEFAULT '0',
"data" bytea,
"checksum" character varying(32) NOT NULL DEFAULT '',
PRIMARY KEY ("admintools_filescache_id")
);
]]></query>
</action>
<!-- Create the #__admintools_ipautoban table if it's missing -->
<action table="#__admintools_ipautoban" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_ipautoban" (
"ip" character varying(255) NOT NULL,
"reason" character varying(255) DEFAULT 'other',
"until" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
PRIMARY KEY ("ip")
);
]]></query>
</action>
<!-- Create the #__admintools_ipblock table if it's missing -->
<action table="#__admintools_ipblock" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_ipblock" (
"id" serial NOT NULL,
"ip" character varying(255) DEFAULT NULL,
"description" character varying(255) DEFAULT NULL,
PRIMARY KEY ("id"),
CONSTRAINT "#__admintools_ipblock_ip" UNIQUE ("ip")
);
]]></query>
</action>
<!-- Create the #__admintools_log table if it's missing -->
<action table="#__admintools_log" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_log" (
"id" serial NOT NULL,
"logdate" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
"ip" character varying(40) DEFAULT NULL,
"url" character varying(255) DEFAULT NULL,
"reason" character varying(255) DEFAULT 'other',
"extradata" text,
PRIMARY KEY ("id")
);
]]></query>
</action>
<!-- Create the #__admintools_redirects table if it's missing -->
<action table="#__admintools_redirects" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_redirects" (
"id" serial NOT NULL,
"source" character varying(255) DEFAULT NULL,
"dest" character varying(255) DEFAULT NULL,
"ordering" bigint NOT NULL DEFAULT '0',
"published" smallint NOT NULL DEFAULT '1',
"keepurlparams" smallint NOT NULL DEFAULT '1',
PRIMARY KEY ("id")
);
]]></query>
</action>
<!-- Create the #__admintools_scanalerts table if it's missing -->
<action table="#__admintools_scanalerts" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_scanalerts" (
"admintools_scanalert_id" serial NOT NULL,
"path" character varying(2048) NOT NULL,
"scan_id" bigint NOT NULL DEFAULT '0',
"diff" text,
"threat_score" int NOT NULL DEFAULT '0',
"acknowledged" smallint NOT NULL DEFAULT '0',
PRIMARY KEY ("admintools_scanalert_id")
);
]]></query>
</action>
<!-- Create the #__admintools_scans table if it's missing -->
<action table="#__admintools_scans" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_scans" (
"id" serial NOT NULL,
"comment" text,
"scanstart" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
"scanend" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
"status" character varying(10) NOT NULL DEFAULT 'run',
"origin" character varying(30) NOT NULL DEFAULT 'backend',
"totalfiles" int NOT NULL DEFAULT '0',
PRIMARY KEY ("id")
);
]]></query>
<query canfail="1"><![CDATA[
CREATE INDEX "#__admintools_scans_idx_stale" ON "#__admintools_scans" ("status", "origin");
]]></query>
</action>
<!-- Create the #__admintools_storage table if it's missing -->
<action table="#__admintools_storage" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_storage" (
"key" character varying(255) NOT NULL,
"value" text NOT NULL,
PRIMARY KEY ("key")
);
]]></query>
</action>
<!-- Create the #__admintools_wafexceptions table if it's missing -->
<action table="#__admintools_wafexceptions" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_wafexceptions" (
"id" serial NOT NULL,
"option" character varying(255) DEFAULT NULL,
"view" character varying(255) DEFAULT NULL,
"query" character varying(255) DEFAULT NULL,
PRIMARY KEY ("id")
);
]]></query>
</action>
<action table="#__admintools_wafblacklists" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_wafblacklists" (
"id" serial,
"option" character varying(255) NOT NULL,
"view" character varying(255) NOT NULL,
"task" character varying(255) NOT NULL,
"query" character varying(255) NOT NULL,
"query_type" character varying(1) NOT NULL,
"query_content" character varying(255) NOT NULL,
"verb" character varying(6) NOT NULL,
"enabled" smallint NOT NULL DEFAULT 1,
PRIMARY KEY ("id")
);
]]></query>
</action>
<!-- Create the #__admintools_profiles table if it's missing -->
<action table="#__admintools_profiles" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_profiles" (
"id" serial NOT NULL,
"description" character varying(255) NOT NULL,
"configuration" text,
"filters" text,
PRIMARY KEY ("id")
);
]]></query>
</action>
<action table="#__admintools_waftemplates" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_waftemplates" (
"admintools_waftemplate_id" serial NOT NULL AUTO_INCREMENT,
"reason" character varying(255) NOT NULL,
"language" character varying(10) NOT NULL DEFAULT '*',
"subject" character varying(255) NOT NULL,
"template" text NOT NULL,
"enabled" int NOT NULL DEFAULT 1,
"created_on" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
"created_by" int NOT NULL DEFAULT '0',
"modified_on" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
"modified_by" int NOT NULL DEFAULT '0',
PRIMARY KEY ("admintools_waftemplate_id"),
UNIQUE KEY "admintools_waftemplate_keylang" ("reason","language")
) DEFAULT CHARSET=utf8;
]]></query>
</action>
<action table="#__admintools_ipautobanhistory" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_ipautobanhistory" (
"id" serial NOT NULL,
"ip" character varying(255) NOT NULL,
"reason" character varying(255) DEFAULT 'other',
"until" timestamp without time zone DEFAULT NULL,
PRIMARY KEY ("id")
);
]]></query>
</action>
<action table="#__admintools_cookies" canfail="0">
<condition type="missing" value=""/>
<query><![CDATA[
CREATE TABLE "#__admintools_cookies" (
"series" character varying(255) NOT NULL,
"client_hash" character varying(255) NOT NULL,
"valid_to" timestamp without time zone DEFAULT '1970-01-01 00:00:00' NOT NULL,
PRIMARY KEY ("series")
);
]]></query>
</action>
<!-- Insert into #__admintools_profiles if id=1 is not there -->
<action table="#__admintools_profiles" canfail="1">
<condition type="equals" operator="not" value="1"><![CDATA[
SELECT COUNT(*) FROM "#__admintools_profiles" WHERE "id" = 1;
]]></condition>
<query><![CDATA[
INSERT INTO "#__admintools_profiles"
("id","description", "configuration", "filters") VALUES
(1,'Default PHP Change Scanner Profile','','');
]]></query>
</action>
<action table="#__admintools_log" canfail="1">
<condition type="true"/>
<query><![CDATA[
CREATE INDEX "idx_admintools_log_reason_logdate" ON "#__admintools_log" ("reason", "logdate");
]]></query>
</action>
<action table="#__admintools_waftemplates" canfail="1">
<condition type="equals" value="0"><![CDATA[
SELECT COUNT(*) FROM `#__admintools_waftemplates`;
]]></condition>
<query><![CDATA[
INSERT INTO "#__admintools_waftemplates" ("admintools_waftemplate_id", "reason", "language", "subject", "template", "enabled", "email_num", "email_numfreq", "email_freq", "created_on", "created_by", "modified_on", "modified_by")
VALUES
(NULL, 'all', '*', 'Blocked request on [SITENAME]', '<div style=\"background-color: #e0e0e0; padding: 10px 20px;\">\r\n<div style=\"background-color: #f9f9f9; border-radius: 10px; padding: 5px 10px;\">\r\n<p>Hello,</p>\r\n<p>We would like to notify you that a request was blocked on your site, [SITENAME], with the following details:</p>\r\n<p>IP Address: [IP] (IP Lookup: [LOOKUP])<br />Reason: [REASON]</p>\r\n<p>If this kind of blocked request repeats itself, please log in to your site\'s back-end and add this IP address to your Admin Tools\'s Web Application Firewall feature in order to completely block the misbehaving user.</p>\r\n<p>Best regards,</p>\r\n<p>The [SITENAME] team</p>\r\n</div>\r\n<p style=\"font-size: x-small; color: #667;\">You are receiving this automatic email message because you have a subscription in <em>[SITENAME]</em>. <span style=\"line-height: 1.3em;\">Do not reply to this email, it\'s sent from an unmonitored email address.</span></p>\r\n</div>\r\n<p style=\"text-align: right; font-size: 7pt; color: #ccc;\">Powered by <a style=\"color: #ccf; text-decoration: none;\" href=\"https://www.akeeba.com/products/admin-tools.html\">Akeeba AdminTools</a></p>', 1, 5, 1, 'hour', '2014-04-14 14:36:34', 800, '2014-04-14 14:42:38', 800);
]]></query>
</action>
<!-- WAF Blacklist rule: Joomla! SQLi vulnerability, October 2015 -->
<action table="#__admintools_wafblacklists" canfail="1">
<condition type="equals" operator="not" value="1"><![CDATA[
SELECT COUNT(*) FROM "#__admintools_wafblacklists" WHERE "option" = '' AND "view"='' AND "task"=''
AND "query"='list[select]' AND "query_type"='E' AND "verb"='';
]]></condition>
<query><![CDATA[
INSERT INTO "#__admintools_wafblacklists"
("option", "view", "task", "query", "query_type", "query_content", "verb", "enabled")
VALUES ('', '', '', 'list[select]', 'E', '!#^[\\p{L}\\d,\\s]+$#iu', '', 1);
]]></query>
</action>
<!-- WAF Blacklist rule: Joomla! user registration vulnerability, October 2016 -->
<action table="#__admintools_wafblacklists" canfail="1">
<condition type="equals" operator="not" value="1"><![CDATA[
SELECT COUNT(*) FROM "#__admintools_wafblacklists" WHERE "option" = 'com_users' AND "view"='' AND "task"=''
AND "query"='user[groups]' AND "query_type"='P' AND "query_content"='' AND
"verb"='';
]]></condition>
<query><![CDATA[
INSERT INTO "#__admintools_wafblacklists"
("option", "view", "task", "query", "query_type", "query_content", "verb", "enabled")
VALUES ('com_users', '', '', 'user[groups]', 'P', '', '', 1);
]]></query>
</action>
<!-- WAF Email Template for Configuration Monitor -->
<action table="#__admintools_waftemplates" canfail="1">
<condition type="equals" value="0"><![CDATA[
SELECT COUNT(*) FROM "#__admintools_waftemplates" WHERE "reason" = 'configmonitor';
]]></condition>
<query><![CDATA[
INSERT INTO "#__admintools_waftemplates"
("reason", "language", "subject", "template", "enabled", "email_num", "email_numfreq", "email_freq", "created_on", "created_by", "modified_on", "modified_by")
VALUES('configmonitor', '*', 'Configuration options for [AREA] modified on [SITENAME]', '<div style="background-color: #e0e0e0; padding: 10px 20px;">
<div style="background-color: #f9f9f9; border-radius: 10px; padding: 5px 10px;">
<p>Hello,</p>
<p>We would like to notify you that the configuration options for [AREA] on your site, [SITENAME], have been modified by user [USER]. More details about the origin of this change as follows:</p>
<p>IP Address: [IP] (IP Lookup: [LOOKUP])<br />User Agent: [UA]</p>
<p>If this change was not made by you or an administrator user you trust please review your site immediately as this would be an indication of hacking activity.</p>
<p>Best regards,</p>
<p>The [SITENAME] team</p>
</div>
<p style="font-size: x-small; color: #667;">You are receiving this automatic email message because you have a subscription in <em>[SITENAME]</em>. <span style="line-height: 1.3em;">Do not reply to this email, it''s sent from an unmonitored email address.</span></p>
</div>', 1, 0, 0, '', '2016-12-15 10:46:00', 800, '2016-12-15 10:46:00', 800);
]]></query>
</action>
<!-- WAF Email Template for Configuration Monitor -->
<action table="#__admintools_waftemplates" canfail="1">
<condition type="equals" value="0"><![CDATA[
SELECT COUNT(*) FROM "#__admintools_waftemplates" WHERE "reason" = 'rescueurl';
]]></condition>
<query><![CDATA[
INSERT INTO "#__admintools_waftemplates"
("reason", "language", "subject", "template", "enabled", "email_num", "email_numfreq", "email_freq", "created_on", "created_by", "modified_on", "modified_by")
VALUES('rescueurl', '*', 'Rescue URL requested on [SITENAME] for [USER]', '<div style="background-color: #e0e0e0; padding: 10px 20px;">
<div style="background-color: #f9f9f9; border-radius: 10px; padding: 5px 10px;">
<p>Hello,</p>
<p>We would like to notify you that user [USER] has requested a Rescue URL for your site, [SITENAME]. If you made that request yourself please click on the following link, or copy and paste the URL to your browser. This will let you log in to the administrator backend of your site where you can modify unblock yourself and / or change Admin Tools'' configuration. The Rescue URL is:</p>
<p><a href="[RESCUEURL]" rel="alternate">[RESCUEURL]</a></p>
<p>The information towards the end of this email lets you know what to do once you are logged into your site''s backend.</p>
<h3>I have no idea why I''m receiving this email</h3>
<p>Look under "What is the Rescue URL" further down. You <strong>DO NOT</strong> need to take any action and you <strong>DO NOT</strong> need to worry.</p>
<h3>Who requested the Rescue URL?</h3>
<p>Username: [USER]<br />IP Address: [IP] ([LOOKUP])<br />User Agent: [UA]</p>
<p> </p>
<h3>What is the Rescue URL?</h3>
<p>Sometimes an overzealous Admin Tools configuration can result in accidentally blocking you, a Super User from the site. Normally that would require you to rename the file of Admin Tools'' system plugin to unblock yourself. This is a bit complicated and susceptible to errors.</p>
<p>The Rescue URL feature works around that. By accessing a special URL when you are blocked out of the site you are sent this email. The URL in this email is only valid for the same browser and IP address that made the request and only for a limited amount of time. Accessing it will get you to a <em>temporarily</em> unblocked administrator login page. This lets you access the administrator backend of your site to unblock yourself and / or modify Admin Tools settings.</p>
<p>By default, this feature is enabled on all installations of Admin Tools. Moreover, a message about accessing the Rescue URL is displayed by default when someone gets blocked UNLESS you set up a "Custom message" in the Configure WAF page of Admin Tools. If you have no idea why you received this message it''s probably because someone saw the default IP blocked message and guessed your Super User email correctly. Don''t worry though, what they did is completely useless since they would also need access to your email account and your Super User password to access your site, i.e. they would need to have already hacked you. As it''s already documented, we strongly recommend that you change the "Custom message" to make it less obvious that your site is protected by Admin Tools. If you do not wish to use the Rescue URL feature -and are OK manually renaming files per the documentation when you get blocked- go to Extensions, Plugins and edit the options of the Admin Tools system plugin. You''ll see an option for Rescue URL. Set it to No to disable this feature.</p>
<h3>What to do after logging in?</h3>
<p>If your IP is blocked by Admin Tools go to Components, Admin Tools and click the big Unblock My IP button at the top of the page.</p>
<p>If you keep getting your IP blocked without you doing anything suspicious to the best of your knowledge, the IP blocked is always the same but different than the one reported by <a href="http://www.ip-adress.eu/">http://www.ip-adress.eu/ </a><em>and</em> <a href="https://www.whatismyip.com/">https://www.whatismyip.com/</a> then your site might be behind a CDN or a reverse proxy. In this case, additionally to the instructions above, please go to Components, Admin Tools, Web Application Firewall, Configure WAF, click on the Basic Protection Features tab. Set the "Enable IP workarounds" option to Yes - no matter what the automatically detected recommendation is.</p>
<p>If, however, your real IP address as reported by the two tool listed above keeps getting banned you should troubleshoot the reason of the ban. Go to Components, Admin Tools, Web Application Firewall, Blocked Requests Log and check the Reason and Target URL for the entries which have your IP address in the IP address field. If you are not sure what that means, please <a href="https://www.akeeba.com/support/admin-tools.html" rel="alternate">file a support ticket</a> remembering to copy the information from the Blocked Requests Log. Kindly note that you need to have an active subscription to receive support.</p>
<p>If you have forgotten your Administrator Secret URL parameter go to Components, Admin Tools, Web Application Firewall, Configure WAF, click on the Basic Protection Features tab and find the "Administrator secret URL parameter" option. Change or remove all of the text in that box to reset or unset, respectively, this feature.</p>
<h3>What to do if I still cannot log in to my site?</h3>
<p>There are two cases where the Rescue URL feature, or renaming the Admin Tools system plugin''s file, will not help you. These are the two cases where Admin Tools has created a <em>server</em> configuration file, meaning that you are blocked by <em>your server</em>, not Admin Tools.</p>
<p>The first is the <strong>Administrator password protection</strong> feature. Please delete the files named <code>.htaccess</code> and <code>.htpasswd</code> from your site''s <code>administrator</code> directory. </p>
<p>The other case is when you''ve used the <strong>.htaccess Maker</strong> feature of Admin Tools. In this case there''s a <code>.htaccess</code> file in your site''s root. You may want to replace its contents with the <a href="https://raw.githubusercontent.com/joomla/joomla-cms/staging/htaccess.txt" rel="alternate">default Joomla! .htaccess file content</a>.</p>
<p>In both cases you should not that the files have names beginning with a dot. That makes them <em>hidden</em>. You will need to enable the display of hidden files to edit / delete those files. If you are unsure how to do that please ask your host and tell them that you need to edit/delete <em>hidden</em> files. Usually they will point out an option in their hosting control panel''s file manager. </p>
<p>In any other case your issue is unrelated to Admin Tools. Do you have another security plugin on your site? If you do, check its settings. If not, check with your host. More often than not hosts have their own server security systems which can block you out of your site.</p>
</div>
</div>', 1, 1, 1, 'minute', '2017-06-20 09:50:00', 800, '2017-06-20 09:50:00', 800);
]]></query>
</action>
<action table="#__admintools_scans" canfail="1">
<condition type="index" value="idx_fullstatus" />
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP INDEX "idx_fullstatus";
]]></query>
</action>
<action table="#__admintools_scans" canfail="0">
<condition type="missing" operator="not" value="description"/>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "description";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "type";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "profile_id";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "archivename";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "absolute_path";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "tag";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "backupid";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "filesexist";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "remote_filename";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" DROP COLUMN "total_size";
]]></query>
</action>
<action table="#__admintools_scans" canfail="0">
<condition type="missing" value="scanstart"/>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" RENAME COLUMN "backupstart" TO "scanstart";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" RENAME COLUMN "backupend" TO "scanend";
]]></query>
<query><![CDATA[
ALTER TABLE "#__admintools_scans" RENAME COLUMN "multipart" TO "totalfiles";
]]></query>
</action>
</sql>
</schema>