The Joomla! Extensions Directory ™

AdminExile Plugin

Your /administrator area is vulnerable - secure it with AdminExile. Access keys, IPv4/6 Black/White Lists (IP and CIDR netmasks supported), Brute Force detection. AdminExile has you covered.

The AdminExile Plugin has long been a favored and highly rated extension in the JED. Read the reviews, check out the 9 pages of documentation, and then try it yourself.

Key features:
* Access key(s) - key only, or key + key value. Others provide one or the other. AdminExile provides BOTH.
* Front-end Restriction - Restrict certain accounts from logging into the front-end with accounts intended only for back-end use.
* Lost Key Recovery - Useful for individuals using extremely difficult keys, or teams who change the keys frequently.
* IP White and Black Lists - Use individual addresses, or CIDR netmasks to define your lists.
* Brute Force Protection - Penalize users who abuse your system.
* Management of blocked addresses - See a list of blacklist attempts and bruteforce attempts, as well as the ability to reset those IP addresses.
* Admin Notification - When abuse comes from a blacklisted address or brute force is detected, an administrator can be sent a notification.
* Stealth Mode - Prevents tell-tale signs that something exists at /administrator, like the session cookie!

There are far too many features to describe in this page. Visit the documentation link to get the bigger picture.

Version 2.3.0 - additional error handling for invalid IP address/subnets typed in configuration - new IP configuration interface (With automatic sorting) and IP validation
Version 2.3.1 - fix include path issue experienced in older PHP versions
Version 2.3.2 - PHP Dynamic Loader enhancements (Thanks Richard B.)
Version 2.3.3 - fixed include path error
Version 2.3.4 - silenced unneeded warnings
Version 2.3.5 - resolved errors introduced by J3.3.1 and J2.5.19
Version 2.3.6 - EMERGENCY UPDATE - resolving VEL SQL Injection vulnerability report (Thanks Ahmad Prayitno)

All of my extensions are free and none of my extensions display advertisements or links to my sites or services. If you feel that I have blessed you, then you can bless me by making a contribution to fund future development. Visit the "Website" link to make a contribution.

Report Extension




Reviews: 2
Reviews: 8
Works out of the box, clear and simple, recommended.
Reviews: 16
very simple. Easy to install, enable plug in. set secret key and good to go and best of all is free.

Thank you very much.
Reviews: 1
Excellent quality of the product, but in particular an outstanding service.
Thank you Michael!
Reviews: 54
Fantastic!!! AdminExile helped me secure my administrator URL.

Easy to install and activate without any fuss.

Highly recommended. Thank you Developer
Reviews: 1
After trying and testing several other free and commercial ways of protections that only got me locked out of backend access to my site i found this one to do exactly what i was looking for.Its simple to install and its easy to set up.A must to have for every joomla website.
Reviews: 2
I really find this efficient, bug free and effective. Must for joomla webs
Reviews: 5
Excellent plugin. Easy to install and configure.I feel free to say that AdminExile is "must have" extension.
Also I must thank to developer for fast support about some doubts.
Thanks Michael.
Reviews: 1
Very clever... and super swish. Works a charm!
Owner's reply

Super awesome and thanks!

Reviews: 1
Michael Richey has provided me with the best support I've ever received from a Joomla developer so far. And I've bought several commercial extensions and "support subscriptions". Must of them require to create a support ticket and wait 24 hours for a response wich most of the times isn't helpful. Michael responded my first email in minutes! and after that he kept in contact until he figuered out the problem (which wasn't even with his extension but with Jommla and still he wrote a patch for it).

I've tried all the free plugins to acomplish this task and AdminExile is by far the best. Kudos.
Reviews: 1
Richey, Thanks for this plugin it works awesome! However I too was able to lock my self out of the administrator side of my website. It wasn't the fact that I forgot my password but the fact that AdminExile has to have at least one letter in the password for it to work. My 1st password was a set of numbers. When I tried to login in it would throw a error. But if I had one letter in the password it would work. Other then that small issue everything else works like lucky charms! Thanks again! Jeff
Owner's reply

Wow, I never tried using an all numeric key. Thanks for the report - I'll take a close look at that.

Reviews: 2
Very good plugin. Simple to configure and use. An excellent addition for Joomla 1.6. Love it. God bless you.
Reviews: 1
This extension is an alternative to jsecure which I used in the past to avoid sniffers.

Not just that, but also the support from Michael Richey is truly amasing. He gets involved in your case to solve any inconvenience.

Really good security results and developer support!
Reviews: 3
Easy to install and configured in just a few seconds - be warned it starts working straight away so you need to login again with the new URL after enabling the plugin!

Not sure how effective it would be against a determined hacker but certainly gives me a bit more peace of mind. Thanks for developing it and sharing it - great plugin.
Owner's reply

You are correct, a determined hacker willing to employ brute force against the plugin might be able to get past a key less than 8 characters long. Remember, getting past AdminExile doesn't get them logged in, just to the login screen.

So, standard password rules should apply. Long keys with a mix of upper and lower case letters and numbers will be the most secure.

Reviews: 1
Wow...this is exactly what i want to secure my access to my site thank you so's very easy to use!
i haven't got an account here, i've registered this one only to thank you :-)
keep up the good work!
Owner's reply

Reviews are sometimes the only feedback a developer gets. I feel honored that you decided to register to leave your review. Hopefully you grace other developers for their contributions.

Reviews: 1
This has cured a problem with Joomla that I have had for a very long time...

I've never understood why CMS/Portals don't allow you to configure the admin backend during install, including setting a different directory...

I grasp why... but still, there should be an easier way to do it then all the hacks mentioned in forums and whatnot... However this Extension went and secured access to it for me anyhow! =D

An extra layer of security can go a long way if used properly.

I am tempted to write an additional plugin even though I suck at code, that would rely on a cron job that would randomize the key for the day, and then e-mail all users in the Site Admin group the passkey.

Keep up the great work, I'd love to see what else you come up with.
Owner's reply

That is an interesting idea.... I will definitely put some thought into that. If I add it to AdminExile it will be optional, and the plugin will remain free.

Reviews: 47
The first thing it did was broke my site completely, I was unable to access either ways i.e. the default and or set key. I tried running the query specified by the author and God knows what went wrong after the query, the site is totally not responding.

Thank God I have a full backup, which i'll restore very quickly.

My review is out of my experience, my sincere apologies to author if this hurts.
Owner's reply

I wish you would have contacted me. What you describe is not possible from this extension. It can only run in administrator, not the front end. I suspect that you have other issues.

Reviews: 1
Simple to use, together with your byebye generator and clean response makes me feel more secure on my site. Thanks.
One question, do you have another version for 1.5 ?
Owner's reply

I might be bribed....

Reviews: 1
This is a straightforward and simple plugin. Works great. Just install and assign your key. As the developer said, it is similar to the free version of jsecure.

Before finding this plugin, I did buy the paid version of jsecure. Unfortunately, it doesn't work properly with Joomla 1.6. After a week of frustration and trying to decipher their forum, I finally gave up.

Many thanks to adminexile and its developer. I will make donation. Keep up the great work!
Owner's reply

I was upset that JSecure went commercial, which is why I wrote this plugin. It's good to hear your review!

Page 6 of 6