To log in as an administrator, we do so from mydomain.com/adminsitrator; this may be vulnerable to our Joomla site because anyone has access to this URL. AdminExile is a plugin that provides an extra level of security by requiring a specific key to be present in the URL. In this article I will explain how to set login protection in Joomla with AdminExile.
- Download the AdminExile.
- Access key(s) – key only, or key + key value. Others provide one or the other. AdminExile provides BOTH.
- Front-end Restriction – Restrict certain accounts from logging into the front-end with accounts intended only for back-end use.
- Lost Key Recovery – Useful for individuals using extremely difficult keys, or teams who change the keys frequently.
- IP White and Black Lists – Use individual addresses, or CIDR netmasks to define your lists.
- Brute Force Protection – Penalize users who abuse your system.
- Admin Notification
- Stealth Mode – Prevents tell-tale signs that something exists at /administrator.
- Sign into Joomla as an Administrator. Go to menu “Extensions -> Extension Manager”:
- Select the “Upload” tab and install the Blog and List Component for Joomla:
- To enable AdminExile, go to menu “Extensions -> Plugin Manager”. Click on the enable button to activate the plugin:
- To configure the plugin, click on the plugin name after you have activated it. You should now see the plugins configuration options enabling you to set your login parameters. To save changes click Save:
- And that’s it! You have configured extra protection on your website. It is very important to maintain security on your website.
This concludes Login protection in Joomla.