Redirect Failed Login
Version
1.62 (last update on Mar 6, 2012)
Rating
Compatibility
Reviews
28
License
GPLv2 or later
Non-Commercial
Type
Date Added
18 November 2008
V1.62: For Joomla 1.6, 1.7 and 2.5 websites. Fixes a problem where a "/1" was appended to the URL if no redirection URL was selected.
V1.61: For Joomla 1.6, 1.7 and 2.5 websites.
V1.52: For Joomla 1.5 websites. Fixes a problem where a "/1" was sometimes appended to the URL.
V1.51: For Joomla 1.5 websites. Adds 2 important features:
1) Adds a time delay on login failures - to discourage brute force login attacks on your site. The default delay is 10 seconds, you can change the delay in the plugin options. Even if you do not redirect failed logins, you can use this plugin to add a time delay after failed login attempts. This will discourage hackers from trying to hack into your site. The time delay helps to protect both the front-end and back-end logins - just use the default settings.
2) An option to enable/disable clearing of the page cache upon login failure. The default is set to "No" clearing. You can change this to "Yes" if you are using the system cache plugin (page cache) and your redirection messages do not appear because the page cache is showing a stale copy of your redirected page.
Perfect for what I wanted, thank you!
Installed in seconds and the error file was easily editable. Does exactly what it says it does; what more could one ask for? This is perfect for the new site I'm working on and I absolutely love the ease of use. Thank you for this plugin!
Sorry, didn't work for me on joomla 2.5. I didn't want to redirect when user failed login.
I get a error page of url http://www.sitename.com/1
with broken page
I see it still in beta mode for joomla 2.5
I get a error page of url http://www.sitename.com/1
with broken page
I see it still in beta mode for joomla 2.5
Owner's reply
Hi,
There is a support forum at http://joomlacode.org/gf/project/redirectfl/forum/
where you can get in touch with me regarding any problems. I'd be glad to help out.
Thanks,
-Roger
Tested on Joomla 2.5 and it worked perfectly for me.
Delayed response is a good security improvement.
Highly recommended.
Delayed response is a good security improvement.
Highly recommended.
I needed to redirect the failed logins on the same page in order to give them a chance to retry.
Although the plugin does not do that our of the box, it was easy to change its behaviour this way if the failed login URL is left empty in the configuration.
I also applied the change mentioned below to display the failed login message as a Joomla! standard error message.
I'll submit the changes to the developer for review.
Although the plugin does not do that our of the box, it was easy to change its behaviour this way if the failed login URL is left empty in the configuration.
I also applied the change mentioned below to display the failed login message as a Joomla! standard error message.
I'll submit the changes to the developer for review.
The message of error on login doesn't work in every templates. That can be solved by creating an article just showing the message of error and then redirect in the module to that article. Another solution would be having the option to show the message using an javascript alert? just an idea...
Another problem is if i register an user, initially the user is disabled in the administration. If i try to login that user it doesn't raise the onLoginFailure event so it shows again the login form in the content pane. What event raises in this case? it should validate this situation...
Excellent plugin and a very necessary one. Congratulations to the developer.
Cheers!
Another problem is if i register an user, initially the user is disabled in the administration. If i try to login that user it doesn't raise the onLoginFailure event so it shows again the login form in the content pane. What event raises in this case? it should validate this situation...
Excellent plugin and a very necessary one. Congratulations to the developer.
Cheers!
It does work with SEF. All my sites are SEF. What may cause some to think it doesn't is if one is trying to use an SEF redirect entry in the plugin. That doesn't work. If you use the non SEF link address (the one you find if you open the link properties), and place THAT in the plugin entry it works perfectly. Thanks to the developer for pointing that out in the forum.
This solved a redirect problem I was having when a user puts in the wrong username/password in the login module causing Joomla to redirect to a default login screen not linked to from a menu and therefore breaking my template. Spent hours trying to fix it only to stumble on this plug-in which fixed it in about 5 seconds!
Sometimes this plugin causes a infinite redirect loop (TOO MANY REDIRECTS error in chrome). It seems that the cache is not emptied or something like that...
Owner's reply
Hi,
There is a support forum at http://joomlacode.org/gf/project/redirectfl/forum/
where you can get in touch with me regarding any problems.
-Roger
The small problem is that login failed message is shown as message not as error. To fix this you should change line in plugins/system/redirect_failed_login.php
$mainframe->redirect($redirect_destination, $redirect_message);
to
JFactory::getApplication()->enqueueMessage($redirect_message, 'error');
$mainframe->redirect( $redirect_destination);
Joomla 1.5 and PHP5 required.
$mainframe->redirect($redirect_destination, $redirect_message);
to
JFactory::getApplication()->enqueueMessage($redirect_message, 'error');
$mainframe->redirect( $redirect_destination);
Joomla 1.5 and PHP5 required.
just what I needed. easy to install. does what it says. thanks.
This does not work with Cblogin or with Joomla SEF on.
Owner's reply
Hi Richardkl,
I've never tried it with CBlogin, but I use it on several Joomla 1.5 websites with Joomla SEF turned on and it works fine for me. What problems did you see with Joomla SEF turned on?
Regarding CBlogin - this plugin is triggered by the Joomla Core user event "onLoginFailure" ( see http://docs.joomla.org/Reference:User_Events_for_Plugin_System#5.3.5_onLoginFailure)
so it must be that CB is not using this joomla core user event when a CB login failure occurs.
Does what it's supposed to but I accidentally caused some hard to diagnose errors through this.
I set the forward link to the standard Joomla password forgotten page. Unfortunately, this very seldomly would result in an endless feedback loop when visiting any site. At least until the cache was cleared.
I am not sure when it would happen but it was pretty annoying and mysterious, until I remembered I had installed this plugin.
Didn't find any other mention of the same problem so thought I'd mention it here.
Anyway, otherwise, this is very good and does what it says on the tin.
To beef up the security even further, would be nice if it was possible to have an auto-increment delay - e.g.: first failed log-in has X second delay, 2nd failed login for same username has Y seconds delay, 3rd has Z seconds delay up to some maximum.
Keep up the good work!
I set the forward link to the standard Joomla password forgotten page. Unfortunately, this very seldomly would result in an endless feedback loop when visiting any site. At least until the cache was cleared.
I am not sure when it would happen but it was pretty annoying and mysterious, until I remembered I had installed this plugin.
Didn't find any other mention of the same problem so thought I'd mention it here.
Anyway, otherwise, this is very good and does what it says on the tin.
To beef up the security even further, would be nice if it was possible to have an auto-increment delay - e.g.: first failed log-in has X second delay, 2nd failed login for same username has Y seconds delay, 3rd has Z seconds delay up to some maximum.
Keep up the good work!
Page 1 of 2
