ROCKETTHEME IS CLOSING ON JUNE 30, 2025. As a thank-you to our community, enjoy 50% off all themes with the promo code THANKYOU before we shut down.
Read our Farewell Blog Post for more details.
Hackers scanning websites for logins
-
-
- Tyndie
- Preeminent Rocketeer
- Posts: 8804
- Thanks: 5
-
Hi,
I have picked up a few failed attempts from a hacker trying to access my admin section using a login and password that I changed a few weeks ago, is there a way of preventing someone from scanning posted form variables for logins?
-
-
-
- RedRiverBlack
- Elite Rocketeer
- Posts: 1034
- Thanks: 15
- What is a "posted form variable"? Sorry, don't know the web lingo much.
-
-
-
- drsawbones
- Sr. Rocketeer
- Posts: 154
- Thanks: 0
- Joomla Adict
-
Hello,
I use a couple techniques for hiding joomla's admin.
The first thing I install on a live site is this one:
extensions.joomla.org/extensions/5809/details
it's a tiny joomla! plug-in that adds ?WoRDxXx to the end of your admin path.
joomla/administrator/index.php?WoRDxXx
for example - if you don't enter the exact path it kicks you back to say - home page of site.
Make sure you read the documentation before enabling it so you don't lock yourself out. (and if you do, you can change the path-word via phpmyadmin mysql edit.
I also install SSL and use https for admins accessing the ACP.
If you have money to invest in security - RS Firewall is pretty slick component
extensions.joomla.org/extensions/access-...y/site-security/8968
Regards,
Doc
-
-
-
- Terp
- Elite Rocketeer
- Posts: 1720
- Thanks: 23
-
drsawbones wrote:
The first thing I install on a live site is this one:
extensions.joomla.org/extensions/5809/details
I second this one...great extension to use to redirect anyone not using the ?key when trying to access the administration screen.
-
-
-
- JEM
- Preeminent Rocketeer
- Posts: 17917
- Thanks: 4
-
Check for security tips here:
www.rockettheme.com/forum/index.php?f=15&t=54455&rb_v=viewtopic - Thanks,
jim
-
Time to create page: 0.060 seconds