I.Introduction

Drawback: Joomla has one drawback, any web user can easily know the site is created in Joomla! by typing the URL to access the administration area (i.e. www.site name.com/administration). This makes hackers hack the site easily once they crack id and password for Joomla!. Instructions: jSecure Authentication v3.0.2 extension prevents access to administration (back end) login page without appropriate access key. Important!

In order for jSecure to work the jSecure plugin must be enabled. Go to Extensions>Plugin Manager and look for the "System - jSecure Authentication plugin". Make sure this plug in is enabled.

II.Installation | Uninstallation | Manual Uninstallation

How to install jSecure 2.1.10 to jSecure 3.0.x From Joomla 1.5.x, 1.6.x, 1.7.x, 2.5.x and 3.0.x:


  1. Unzip the package file Unzip first which contains different zip packages for different Joomla versions.

  2. Log into backend area.

  3. Go to Extensions -> Extension Manager.

  4. Click on 'Install' tab.

  5. Choose the zip package file present in Unzip first according to Joomla version from the browse button.

  6. Now Press the install button, the jSecure Authentication extension will be installed now.

How to uninstall jSecure 2.1.10 to jSecure 3.0.x From Joomla 1.5.x, 1.6.x, 1.7.x, 2.5.x and 3.0.x (2 ways):

First way: Follow these steps to uninstall 2.1.10 version from the Joomla administration area:
  1. Log into backend area.

  2. Go to Extensions -> Extension Manager.

  3. Click on ‘Manage’ tab.

  4. Select 'component' from - Select Type - drop down box

  5. Search for ‘jSecure’ and click on checkbox to uninstall.

  6. Click on ‘Uninstall’ button on top right side area to uninstall.

  7. Go to Extensions -> Install/Uninstall.

  8. Select 'Plugin' from - Select Type - drop down box

  9. Search for ‘jSecure’ and click on checkbox to uninstall.

  10. Click on ‘Uninstall’ button on top right side area to uninstall.

Second way: Following are steps to remove the jSecure 2.1.10 to jSecure 3.0.x manually:
Delete the component and plug-in entry from database. (#__ is database prefix)
  1. #__jsecurelog

  2. #__jsecurepassword

  3. #__jsecure_hits

  4. #__assets

    com_jsecure - jsecure

  5. #__extensions

    System - jsecure - plugin

    jsecure - component

  6. #__menu

    COM_JSECURE_AUTHENTICATION

    BASIC_CONFIGURATION

    ADVANCED_CONFIGURATION

    VIEW_LOG

    HELP

Delete the below mentioned folders & files.
  1. \administrator\components\com_jsecure

  2. \administrator\language\en-GB

    en-GB.com_jsecure.ini,

    en-GB.com_jsecure.sys.ini,

    en-GB.plg_system_jsecure.ini

  3. \components\com_jsecure

  4. \plugins\system\jsecure


III.Features

Security:
  1. Basic Configuration: The basic configuration will hide your administrator URL from public access. This is all most people need.
  2. IP: This tab allows you to control which IPs have access to your administrator URL.
  3. Master Password: You can block access to the jSecure component from other administrators.Setting to "Yes", allows you to create a password that will be required when any administrator tries to access the jSecure configuration settings in the Joomla administration area. If you do not enter a master password, the default password will be "jSecure".Provides options to include particular sections of the component in master password.
  4. Master Login Control: Login control to restrict multiple users from logging into the site using same username and password.
  5. Administrator Password Protection: Add password protection to add extra security layer over the administrator folder using htaccess and htpassword.
  6. Directory Listing: Directory listing to show list of all files and folders with their permissions on the site.
  7. Component Protection: With this feature you can restrict access to the admin side components that are installed. You can set password for the admin side components that are installed and set option to "Enabled". This will restrict other administrators from accessing the protected components.
  8. Auto Ban IP: With this feature you add vulnerable IP addresses to Blacklisted IP'S automatically by selecting the time duration and number of invalid admin access attempts.
Tools:
  1. Mail: This tab sets a notification email to be sent every time there is a login attempt into the Joomla administration area. You can set it to send the jSecure key or the incorrect key that was entered.
  2. Master Mail: These setting allow you to have an email sent every time the jSecure configuration is changed.
  3. Log: This setting allows you to decide how long the jSecure logs should remain in the database. The longer this is set for, the more database space will be used.
  4. View Log: jSecure will record any attempt that is made to access the Joomla /administrator directory. It will record the users IP, user name (if the login is successful), the nature of their login attempt, and the date the login attempt occurred.
  5. Meta Tag Controller: Meta tag controller to override default metadata of joomla.
  6. Purge Sessions: Purge sessions to expire sessions of all active users.
  7. Hits Graph: This feature shows graphical representation of correct v/s wrong administrator access for different segments of time.
  8. Manage IP'S From Log: With this feature you can simply add/remove IP'S to Blacklisted IP'S from "View Log".

Testimonial

It's simple to work with. It's cheap and affective!

Follow Us At Twitter

Join Us On Facebook

Scroll to top