Joomla is an award-winning content management system (CMS), which enables you to build Web sites and powerful online applications. Many aspects, including its ease-of-use and extensibility, have made Joomla the most popular Web site software available. Best of all, Joomla is an open source solution that is freely available to everyone.
RSFirewall! is the most advanced Joomla! security service that you can use to protect your Joomla! website from intrusions and hacker attacks.
RSFirewall! is backed up by a team of experts that are trained to be always up to date with the latest known vulnerabilities, security updates making RSFirewall! the best choice in keeping your website safe.
*Note: Joomla 1.5 websites can only use version 3.X. OSE Anti-Hacker version 5 supports Joomla 1.6/1.7/2.5 system only.
OSE Anti-Hacker Version 5.3.3 – 5.3.4
* New feature — Added the confidence level parameter for Stop Forum Spam Anti-Spamming function
OSE Anti-Hacker Version 5.3.2 – 5.3.3
* New feature — Added Stop Forum Spam Anti-Spamming function
From the makers of Akeeba Backup Core/Professional and Admin Tools Core, this is the enhanced release of Admin Tools, available on a subscription basis. On top of what Admin Tools Core already offers, Admin Tools Professional has these exclusive features:
– Restrict administrator with a secret URL parameter
– Web Application Firewall to block common exploits (SQL injection, XSS, DFI, RFI, malicious user agent, CSRF/spam-bot protection, uploads scanner)
– Bad word filtering
– IP Whitelisting for the administrator section
– IP Blacklisting
– Geographic block (deny access to specific countries/continents)
– Modification of Generator meta tag and other sensitive HTTP headers
– Email on administrator login
– Block front-end Super Administrator log-in
– Block Super Administrator user modification
– Block extensions installation
– Block visual fingerprinting (tmpl, template and tp URL parameters)
– Integration of the Bad Behavior anti-spam library
– Project Honeypot IP blacklist integration
– Automatic IP blocking of repeat offenders
– Email notifications of all detected security issues
– URL redirections (exclusive support for query parameters!)
– Scheduled site maintenance operations
NOW INCLUDES A VERSION FOR JOOMLA 3.0 !
Drawback: Joomla has one drawback, any web user can easily know the site is created in Joomla! by typing the URL to access the administration area (i.e. www.site name.com/administration). This makes hackers hack the site easily once they crack id and password for Joomla!. Information: jSecure Authentication module prevents access to administration (back end) login page without appropriate access key.
Easy to install, jSecure adds a higher level of security to your Joomla website.
jSecure Authentication 3.0 has a range of improvements including:
A. Secure Components
Now with jSecure you can password protect installed components in admin area.
B. Access Graph
Graphical representation of correct v/s wrong access for different segments of time.
Added Security Features:
A. Master Password:
You can block access to the jSecure component from other administrator. Setting to “Yes”, allows you to create a password that will be required when any administrator tries to access the jSecure configuration settings in the Joomla administration area.
If you do not enter a master password, the default password will be “jSecure”. Provides options to include particular sections of the component in master password.
B. Master Login Control:
Login control to restrict multiple users from logging into the site using same username and password.
C. Admin Password Protection:
Added password protection to add extra security layer over the administrator folder using htaccess and htpassword.
D. Directory Listing:
Directory listing to show list of all files and folders with their permissions on the site.
A. Black Listed/ White Listed IP’s:
Now range of IPs can be black listed or white listed by using format ‘192.*.*.*’. Warning !!! Use of ‘*.*.*.*’ is not permitted. !!!
B. Meta Tag Controller:
Meta tag controller to override metadata of Joomla.
C. Purge Sessions:
Using this option will cleanup session of all logged-in users and they let logged-out.
* Improved backend presentation
* Improved support on our forum
Your /administrator area is vulnerable – secure it with AdminExile. Multiple access keys, IPv4/IPv6 White and Black Lists (IP and CIDR netmasks supported), Brute Force detection. AdminExile has you covered.
The AdminExile Plugin has long been a favored and highly rated extension in the JED. Read the reviews, check out the 9 pages of documentation, and then try it yourself.
* Access key(s) – key only, or key + key value. Others provide one or the other. AdminExile provides BOTH.
* Front-end Restriction – Restrict certain accounts from logging into the front-end with accounts intended only for back-end use.
* Lost Key Recovery – Useful for individuals using extremely difficult keys, or teams who change the keys frequently.
* IP White and Black Lists – Use individual addresses, or CIDR netmasks to define your lists.
* Brute Force Protection – Penalize users who abuse your system.
* Management of blocked addresses – See a list of blacklist attempts and bruteforce attempts, as well as the ability to reset those IP addresses.
* Admin Notification – When abuse comes from a blacklisted address or brute force is detected, an administrator can be sent a notification.
* Stealth Mode – Prevents tell-tale signs that something exists at /administrator, like the session cookie!
There are far too many features to describe in this page. Visit the documentation link to get the bigger picture.
Unless you use SSL, a user logs into Joomla sending his password in plain text across the network. A malicious user could take advantage of this vulnerability and can have access to the back-end.
This plugin is an alternative to SSL. It uses RSA to encrypt passwords or any other data you want in your component.
It is necessary to have the bcmath extension
Works with Signal Login, JTP Horizontal Login, PWC Login, Inline Login and vtj login modules.
kSecure – Joomla sercurities Login and folders protection
What is kareebu Secure ?
kareebu Secure is a Plugin that adds an extra layer of protection to your website. By default anyone can access the /administrator folder and see that you are running Joomla!.
With kareebu Secure enabled you can protect the /administrator folder with an extra password.
Joomla K2 Waze Plugin
Waze is the world’s fastest-growing community-based traffic and navigation app. Join other drivers in your area who share real-time traffic and road info, saving everyone time and gas money on their daily commute.
To add Waze share Buttons in your Joomla site easy with Joomla Waze Plugin.
Last April Fools I made a joke that my website was hacked and turned upside down. When your website is really hacked, there’s nothing funny about it.
Joomla! is a great CMS that is used worldwide. For this reason, hackers often try to find a way to hack a Joomla! website. Here are 7 tips to optimize your Joomla! security, preventing your Joomla! website getting hacked.
Always remember to make a regular backup of your website and database. If you still get hacked, you can always get back to an older version of your website. Make sure you find out which extension caused the vulnerability and un-install it.