* Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
* Notifies you by e-mail when a alert is generated.
* Protect also from unKnown 3rd Party extensions vulnerability.
* White list for safe components (at your risk ;) )
* automatic ip blocking on attack
Enable mail report and prepare yourself to be scared!
Anyway remember that security it is a 'forma mentis', not a plugin!
Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)
Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks
Version 1.0 (Jan 7st, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization
Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backtics matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail
Version .98 (May 29th, 2010)
Please, keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! this should be intended as an help, this is not "THE SOLUTION".
There will be detailed report, with attempt string, and hacker's IP.
I try to report each attack at projecthoneypot
Report looks like:
** Local File Inclusion (and string)
** SUPERGLOBALS DUMP
This plugin Rocks and Roll
I discovered this extension, installed and set it up, and passed the security screen on its next scheduled scan.
It works as advertised...thanks much!
Advantages: basic protection of SQL injection, attack attempts to notify the site.
Disadvantages: not currently identified.
Support - not used.
Unfortunately there is no way to verify the effectiveness of this extension yourself.
Use this extension on graduate school ites.
Engaged in web technologies since March 2007. Use Joomla since December 2009.
the report is designed for a sysadmin because only an experienced one can understand what to do.
Anyway every one can get a quick help by posting a comments on the page of the plugin: as soon as possible I will reply. (don't post the full hack, I use this plugin too!!)
thak you for using this extension,
Will be sharing details of the attack with my web hosting provider.
Thanks for providing this great tool to the Joomla! community. Much appreciated.
can someone help me???
am only 13years old man
The site contains instructions for action in case of problems like these (the 'Recovery of improper installation' section), there are also the comments of users and a help service.
You played with the configuration without reading the instructions and you locked yourself out of your house: why did not you ask for help before writing a negative review?
You have 13 years and you are young, but take a moment to think about what damage you could have done with your review, if this extension was a commercial component.
This plugin has save mu job and my money for many many times, has help me to found an attacker and go him to the judge... except saving my sites ofcourse!
A REALLY BIG THANK YOU FOR PROVIDING US THIS PLUGIN!
I 10000% suggesting it with closed eyes!
Inform me when u will make a donation system on your site!
Great work Marco, I've been using joomla since it was Mambo never wrote a review before, after using this plugin and see it working perfectly.