14 d’ag. 2009

Seguridad acceder administrator joomla

http://www.joomlaserviceprovider.com/documentation/jsecure-authentication/38-jsecure-authentication/49-jsecure-authentication-15x.html



oomla has one drawback, any web user can easily know the site is created in Joomla! by typing the URL to access the administration area (i.e. www.site name.com/administration). This makes hackers hack the site easily once they crack id and password for Joomla!.

Information:

jSecure Authentication module prevents access to administration (back end) login page without appropriate access key.


Installation steps:

  1. Login to administration area
  2. Go to Installer -> select the plgSystemJSecure.zip file.
  3. Click on Install & upload.

Once the plugin is installed there are few manual steps which needs to be followed to make the plugin work:

  1. Login to Administration area
  2. Go To Plugins->System
  3. Click on System - jSecure Authentication link
  4. Enable the plugin and set the optional parameters specified below
  5. Save the plugin.

Default key to access login page is "jSecure".

Note: The key is case sensitive and can **ONLY** contain alphanumeric values. PLEASE dont use numeric values

How to Use :

http://www.site name/administrator/?keyname

keyname: key name is the key specified in the jSecure Authentication module.


Set the Parameters:


jSecure Authentication module provides following parameters:

Key: This is secure key which will be used to grant access to administration area.

Redirect Options: This parameter specifies what action to take if the key does not match. There are two choices:

  • Redirect to index page: Redirect unauthorized user back to home page
  • Custom Path: Provide relative path to custom page, for example 404 page not found.

For More information http://joomlaserviceprovider.com
Thanks to the team (Ajay Lulia, Bhavin Shah, Kamlesh Rewapati) for Developing the module and plugin.
Thanks to Sam Moffatt for converting Joomla! 1.0 module to a Joomla! 1.5 system plugin.

License: This is free software and you may redistribute it under the GPL. jSecure comes with absolutely no warranty. Use at your own risk. For details, see the license at http://www.gnu.org/licenses/gpl.txt Other licenses can be found in LICENSES folder.