JSecure adresses one very obvious weak point of Joomla! and cure it by locking the access to the backend.
|jSecure Authentication 1.5.x|
Joomla! ® has one drawback, any web user can easily know the site is created in Joomla! ® by typing the URL to access the administration area (i.e. www.site name.com/administration). This makes hackers hack the site easily once they crack id and password for Joomla! ® .
jSecure Authentication module prevents access to administration (back end) login page without appropriate access key.
Once the plugin is installed there are few manual steps which needs to be followed to make the plugin work:
Note: The key is case sensitive and can **ONLY** contain alphanumeric values. PLEASE don't use numeric values
How to Use jSecure Authentication:
By default the component is set to replace the default Joomla! ® URL with one that you will set with this component. For example:
keyname: key name is the key specified in the jSecure Authentication component.
You can also choose to maintain the default Joomla! ® administrator URL and to add an extra login form) If you choose this option, then the Key will become the new password for the form. Once the key has been entered in the new form, the user will be directed to the administrator page.
jSecure Authentication component provides following parameters:
Enable: For jSecure to be activated set this to yes and go to the plugin manager and set the jSecure plugin to "enabled".
Pass Key: Select whether you want jSecure to create a new URL for the admin area (most popular) or if you want to create a second administrator login form (the "form" option).
Key: This is secure key which will be used to grant access to administration area. If you chose the URL option (most popular) then the new URL for your administration area will be http://www.site name/administrator/?keyname. You set the Keyname by inputing your new key in the Key field. The key is case sensitive and can **ONLY** contain alphanumeric values. PLEASE don't use purely numeric values.
This parameter specifies what action to take if the key does not match. There are two choices:
You can set jSecure to email on or more email addresses with an alert if someone tries to unsuccessfully access the Joomla! ® administration area.
You can have jSecure mail the wrong Key that was used, the correct Key, or both.
If you chose the "Send Mail" option, then enter the email addresses here. Separate multiple emails with a comma.
Choose an email subject for the email alert.
User can choose the options to configure with blocked IPs or white listed IPs.
User friendly to add the IPs.
Displayed the added IP addresses.
To prevent the access from change the configuration of jSecure Authentication.
Configure the master password to prevent from accessing.
To send the mail when admin change the any configuration of jSecure Authentication.
Configure the subject of email.
Change Log: Add the email id where you get the mail when any changes happen in configuration of jSecure Authentication.
1.0: Initial Version 1.0.1:
License: This is free software and you may redistribute it under the GPL. jSecure comes with absolutely no warranty. Use at your own risk. For details, see the license at http://www.gnu.org/licenses/gpl.txt Other licenses can be found in LICENSES folder.