Drawback: Joomla has one drawback, any web user can easily know the site is created in Joomla! by typing the URL to access the administration area (i.e. www.site name.com/administration). This makes hackers hack the site easily once they crack id and password for Joomla!. Information: jSecure Authentication module prevents access to administration (back end) login page without appropriate access key.
Easy to install, jSecure adds a higher level of security to your Joomla website.
jSecure Authentication 3.0 has a range of improvements including:
A. Auto Ban I.P Address
Auto Ban IP Feature. Blacklist vulnerable IP addresses automatically.
B. Manage IP's
With this feature you can simply add/remove Blacklisted IP's from "View Log".
A. Secure Components
Now with jSecure you can password protect installed components in admin area.
B. Access Graph
Graphical representation of correct v/s wrong access for different segments of time.
Added Security Features:
A. Master Password:
You can block access to the jSecure component from other administrator. Setting to "Yes", allows you to create a password that will be required when any administrator tries to access the jSecure configuration settings in the Joomla administration area.
If you do not enter a master password, the default password will be "jSecure". Provides options to include particular sections of the component in master password.
B. Master Login Control:
Login control to restrict multiple users from logging into the site using same username and password.
C. Admin Password Protection:
Added password protection to add extra security layer over the administrator folder using htaccess and htpassword.
D. Directory Listing:
Directory listing to show list of all files and folders with their permissions on the site.
A. Black Listed/ White Listed IP's:
Now range of IPs can be black listed or white listed by using format '192.*.*.*'. Warning !!! Use of '*.*.*.*' is not permitted. !!!
B. Meta Tag Controller:
Meta tag controller to override metadata of Joomla.
C. Purge Sessions:
Using this option will cleanup session of all logged-in users and they let logged-out.
* Improved backend presentation
* Improved support on our forum
Change Log for (J2.5, J3.0)
Included option to manage the permission settings for the user groups.
Change Log for (J3.0):
Important release, lots of changes to prepare for Joomla! 3.0
Change Log for (J1.5, J1.6, J1.7):
A. Fixed JSecureConfig::$iplistB and JSecureConfig::$iplistW bug for Joomla 1.5.X, Joomla 1.6.X & Joomla 1.7.0.
B. Fixed issues with mail headers for Joomla 2.5 .
C. Added text input feild instead of text area in the form option of Basic Parameters for Joomla 1.5.X, Joomla 1.6.X & Joomla 1.7.0.
the redirect adds an extra layer of protection. can't hack as easily without know what the redirect link is.
i'm still using the old version because i don't have the money yet but will support this plugin with a honest review and future sales.
But, my experience is with the 1.0.9 version (I think that's right). And that experience was uneventful, which given other people's feedback, is the best possible result.
I never had a single problem.
However, I can't give this a 5 star rating. The 'support' people get from the forum is obtrusively defensive. Anyone suggesting they have encountered 'THE' problem seem to receive cold, unhelpful responses.
Never having experienced 'THE' problem, I can't speak to it, but the evidence seems indicate there may be something to it, and for the support to ignore that and give short, perhaps rude, answers puts me off.
I removed the old version from all my sites since it is no longer supported. I'll upgrade one day, but I would like to see a different approach to customer support.
Any serious developer or webmaster should get it, not amateurs please! - just look some post around and you can't tell when someone do not have the any idea of what is doing with Joomla!.
jSecure works very well and is thoroughly tested- most likely the issues you experienced are caused by human error. Please post your issues on our forum- we deal with any post within 1 working day.
I had used the previous non-commercial version on every site I have ever created or managed with no problems at all.
A previous review suggests a conspiracy theory where the older plug-in simply stopped working when the commercial version was released... My own experience is that 100+ sites continue to function flawlessly.
IMHO: The original and still the best. Ok it now costs peanuts but thus ensuring continuing development and support.
I personally haven't experienced any issues with my installations that once used the V1 Jsecure plugin.
Maybe I had removed it before there was an issue I won't be testing to find out.
For anyone else who may experience an issue with site access since Jsecure went Pro, Try this fix before you do anything else.
Go to your plugins directory and rename the Jsecure directory. Then try and login hopefully that should allow you access to your admin panel.
You should also be aware of a fork project of Jsecure available here on the JED http://extensions.joomla.org/extensions/access-a-security/site-security/12271
Hope that helps.
P.S. I sincerely hope the Jsecure dev team didn't cause login issues for users of the old plugin!
Oh and my star rating has nothing to do with what I think of the plugin. As I have no intention of evaluating it! The one star indicates a no comment from me.
As mentioned elsewhere, any problems encountered by people using the old jSecure plugin have been dealt with in the forums- most are the result of human error.
As for your one star rating- this does affect our overall rating so please remove it in the interest of fairness if you have no review.
We switched to a subscription based model to ensure that we can deliver the highest level of support for such an important security component.
We stopped supporting jSecure 1.0 but I can assure you that at the time we stopped supporting the project it was running properly. For more details, go to our forums. Most of the time these issues are due to human error. We switched to a subscription model to cope with the time and energy it takes to maintain a security component at the highest level possible (thus jsecure 2.0).