Securitycheck
Version
2.4.2 (last update on May 22, 2013)
Rating
Compatibility
Reviews
13
License
GPLv2 or later
Non-Commercial
Type
Date Added
5 February 2012
Uses Updater?
- Yes
* A new AJAX interface to manage entire extension quickly and easily.
* Web Firewall
The web firewall has been tested against more than 90 SQL, LFI and XSS attacks patterns, and includes the following features:
- Blacklist.
- Whitelist.
- Events recording, which can be viewed by admins from backend.
- Redirection to a default page if an attack is detected.
- Second level protection to find suspect words.
- Session protection
* File Manager
You can check file/folder permissions and easily view misconfigured configurations.
* .Htaccess protection
Want to hide your backend url? Add a secret key to your admin page to prevent dictionary and brute force attacks.
* Vulnerabilities checking
Securitycheck performs a check of the versions of all the components of your Joomla installation, comparing them with its database to show if there are vulnerable extensions. Forget
individually test of every component to avoid vulnerabilities: Securitycheck does it for you.
* Akeeba Live Update integration
We have included this feature to easily manage and update new releases.
++ Please, read the user guide before install the extension.
Security is becoming a huge issue and I manage about 100 Joomla sites so I test a lot of security extensions. This one works right out of the box, and it gives me a log of attempted exploits against the site, does a really good job.
Even a good ext. without a support is always just half baked thing. Not the case with this ext. I operate a site with approx. 70.000 and troubles came up. With José excellent support the problem could be located and solved. Many thanks.
Very Thanks to developer for this nice extension. At first, I got few problem, But I got excellent support from developer after I sent email to him. I detected a problem with this component and one of my original component. But it's NOT a big deal. After few hours, he sent upgraded component to me. What a fantastic support! I suggest you all to use this extension. You will not get regret for using it.
We have been using this component for a little while now and find it pretty useful. The only thing however that is missing is module and plugin security checking. If this was included this would be one of the best non-commercial security audit tools for Joomla that I have found to date. If this component could do that, I think it would get a lot more attention than it already has too and people will probably donate more as well. It is nice to see more non-commercial security audit tools out there and that you take security seriously. We thank you for your hard work put into this component and future developments. Nice work!
PROS: Very simple to install and check site security status of installed components, there are regular updates, support is great and the developer takes security seriously.
CONS: The only con is this component doesn't scan plugins and modules.
All in all this is a great component and I would especially recommend this to novice webmasters as well as advanced Joomla webmasters. It is simple, effective and to the point.
PROS: Very simple to install and check site security status of installed components, there are regular updates, support is great and the developer takes security seriously.
CONS: The only con is this component doesn't scan plugins and modules.
All in all this is a great component and I would especially recommend this to novice webmasters as well as advanced Joomla webmasters. It is simple, effective and to the point.
Owner's reply
Thank you for your review, B0RG!!
I take note of your suggestions for future developments.
I installed this plugin and it ran happily
and one fine morning it said
"It has been detected a sequence that could mean a hacker attack. Your request can not be processed." and with couple of php errors.
I don't know how long my site was that way.
Bugs are something I can understand, but if the site goes down with the above error and worst you cant even access the admin page. I afraid I can't suggest anybody to use this.
I am one advanced user of Joomla so I could recovery from it. I am wondering people with less knowledge of Joomla.
and one fine morning it said
"It has been detected a sequence that could mean a hacker attack. Your request can not be processed." and with couple of php errors.
I don't know how long my site was that way.
Bugs are something I can understand, but if the site goes down with the above error and worst you cant even access the admin page. I afraid I can't suggest anybody to use this.
I am one advanced user of Joomla so I could recovery from it. I am wondering people with less knowledge of Joomla.
Owner's reply
You didn't contact me in any way (forum or email) to see what was happening, but you put this bad review here...
You, as an "advanced user" of Joomla, should know that all extensions have to be tested in a test environment and, if you have any problem, contact with the developer.
You say your problem was a bug, but I will give you an example: some weeks ago I received an email of a person with a "problem" like yours: the plugin was blocking the entire site. After some test, we discovered that the template was saving patterns in a cookie that could be confused as an sql injection attack, so the plugin was working fine.
Did you read the documentation? If you have done it, you will know that every filter can be disabled if you have some kind of problem with any extension and that the plugin shows a 4xx error if an attack is detected.
It's really difficult to detect your own vulnerability, so I have found this component really usefull to me.
Besides, the plugin has detected a set of attacks to my web, and it was all recorded and I was advised. It makes me feel safer.
It's easy and it's free. Maybe i'll update to pro version in the future.
A quite nice job, congratulations to developer.
Besides, the plugin has detected a set of attacks to my web, and it was all recorded and I was advised. It makes me feel safer.
It's easy and it's free. Maybe i'll update to pro version in the future.
A quite nice job, congratulations to developer.
