Cheap Web Design from WebCatch

low cost website design from £195
get an instant quote now

Posts Tagged ‘security’

How to hide your Joomla! admin url… again

Friday, May 14th, 2010

You might be thinking: ‘Hey, but it was already discussed on your blog’. Yes it was (here), but since then a few things have changed. Mainly, the extension that we suggested in the previous post went commercial and you now have to pay for it. We are always on the lookout for cheaper or, better yet, free alternatives in order to provide the best value to our customers.

After some digging we found a replacement by the name ‘kareebu Secure‘ or kSecure in short. It is 100% free and open soruce (released under the GPLv3 license). It provides all the functionality that the previous extension provided and adds some new features like HTTP Authentication. If you choose this option, instead of adding the secret to the end of your admin url (…/administrator?secret_word) you will need to provide it in the popup box that your browser will open on loading …/administrator.

Tags: ,
Posted in Joomla! | 1 Comment »

How to hide your Joomla! admin url

Friday, January 15th, 2010

One of the features we missed most when adopting Joomla! as our CMS was the possibility to change the admin url from the standard http://yoursite.com/administrator to something more secret. Yes, we now that secuirty by obscutiy is not really effective, but we believe that it can’t hurt and will at least keep some of your nosy visitors from trying to guess your passwords.

As this functionality is not inbuilt, we had to look for a plugin that takes care of hiding the backend’s url. After a moment of googling we found the jSecure Authentication plugin (download link). As you can see on the plugin’s site in Joomla! Extensions Directory, it has excellent user ratings and is quite popular among the Joomla! community. That’s a really important aspect, because it means that it is highly compatible with different Joomla! installations and is thoroughly tested. Once you have downloaded the plugin’s zip package, here’s what you need to do to apply it to your Joomla! site:

  1. Login to your Joomla! backend and go to Extensions->Install/Uninstall. Upload the downloaded package and install it.
  2. Go to Extensions->Plugin Manager and filter your results by ‘jsecure’ to find your newly installed plugin.
  3. Before enabling the plugin remember to set it up. You can do this by clicking on the plugin in the Plugin Manager.
  4. In the plugin configuration you will notice a Parameters box on the right side of the page. There you can set the Key, which will be your secret phrase that needs to be added to your admin url in order to access the backend. For the purpose of this post, let’s assume that we set it to ’secretword’.
  5. You can also configure what will happen when someone tries to access the standard yoursite.com/administrator url. It is controlled by the ‘Redirect Options’ parameter. You  can either redirect the user to your homepage, or display a custom page. You could, for example, prepare a website saying something like: “My site is not that easily hackable” and teach the wrongdoer a lesson ;)

After all the configuration is done and the plugin is enabled you will no longer be able to access your backend by going to yoursite.com/administrator. You will need to use yoursite.com/administrator/?secretword, substituting the secretword with whatever you have set in the plugin’s configuration.

UPDATE: The jSecure extension went commercial and you now have to pay for it. In a followup post we present a free alternative with even more functions…

Tags: , ,
Posted in Joomla!, Web Development | 1 Comment »


Top