- Restrict administrator with a secret URL parameter
- Web Application Firewall to block common exploits (SQL injection, XSS, DFI, RFI, malicious user agent, CSRF/spam-bot protection, uploads scanner)
- Bad word filtering
- IP Whitelisting for the administrator section
- IP Blacklisting
- Geographic block (deny access to specific countries/continents)
- Modification of Generator meta tag and other sensitive HTTP headers
- Email on administrator login
- Block front-end Super Administrator log-in
- Block Super Administrator user modification
- Block extensions installation
- Block visual fingerprinting (tmpl, template and tp URL parameters)
- Integration of the Bad Behavior anti-spam library
- Project Honeypot IP blacklist integration
- Automatic IP blocking of repeat offenders
- Email notifications of all detected security issues
- URL redirections (exclusive support for query parameters!)
- Scheduled site maintenance operations
The software is GPL; buying a single subscription you can install it on as many sites as you want and keep it running even after your subscription expires, without encrypted code, domain limitations or other such nuisances.
The other is also from Akeeba.
As well as enhancing site security, within AdminTools there are many other useful tools - this is a very useful toolkit.
The Site Security feature alone in my opinion is worth the Professional version's fee.
Documentation is very logically laid out and very in-depth.
Most matters are covered in the documentation, but where clarification is required the Akeeba site Support is excellent.
Well worth the fee - you will save it time and again with the useful features.
Keep it up Akeeba !
Working with the extension is a pleasure. I use the extension for our law firm. I is so worthwhile to use each of the tools, and each is easy, and the really powerful.
All the settings are completely documented. You decide which features you want to use, where the most are self-explaining other will need some research in the documentary.
This component is an essential! and should be installed on every Joomla - Installation
Sure I have had hacking attempts but they have been fairly innocuous and nothing has happened....until now.
OK, it was my fault. My site hadn't be updated in a while and suddenly I was covered in Finnish spammed content. It only took 2 minutes to remove it and delete the users but sure enough they were back.
I would love to thank those hackers (after spanking them with a plank with a nail coming out of it) for pushing me to make that decision.
Ah, the joy I get in watching the e-mails come in. "Security Exception" "Security Exception" "Security Exception" .......
HA HA HA HA!
Yep, that's worth the money. On a plus side my clients are as pleased as punch that I can provide this increased security for free.
The downside? The heart attack when you accidentally blacklist your own IP for the first time. OK it only takes 2 minutes to fix but the feeling when your site completely blocks you?
In short....BUY IT!
It takes some time and effort to figure out the first time, but with the help of the excellent documentation that's easy. Once you've figured out what your perfect settings are, you can just reuse them and it takes no effort at all to configure.
I'm so happy with this extension that I think it's well worth the money spent. I also believe it's an absolute must for any professional Joomla! web designer. It professionalises your work.
When I started developing sites back in 1996 my biggest concern was the user interface. Now, my biggest concerns are security related.
With so much work going into our sites it is disheartening, highly stressful and a huge waste of time when they are hacked or attacked. I can lose days of work getting things back in order.
Since using Akeeba Backup and Admin Tools Pro my life is SO much better.
Thank you to the develpment team for your hard work and very reasonable pricing. You are saints.
Admin Tools never interferes in any way when you are updating your site. Don't forget that Joomla! Update, the component tasked with updating your site included in Joomla! 2.5 onwards, is actually the Joomla! updater Admin Tools used to have, something which we contributed to the Joomla! project. If you have troubles using Joomla! Update make sure that you have not manually removed the .htaccess Maker exception for the administrator/components/com_joomlaupdate/restore.php file we have put there by default. If you did, what you're experiencing is a self-inflicted problem.
As for moving your site to a different host, yes, there will be problems under two circumstances:
1. You are using the .htaccess Maker to generate a .htaccess file. Due to the way Apache (your webserver) works we have to use the hostname of your site. This is documented as the first thing to check in https://www.akeebabackup.com/documentation/troubleshooter/prbasicts.html
2. If you are using the administrator password protection. Again, due to the different ways Apache works across different platforms / servers the generated .htpasswd file may not be readable in the new server. This is documented in https://www.akeebabackup.com/documentation/admin-tools/admin-pw-protection.html
Both of these issues come from the way your web server (Apache) works. A solution is not up to us. All we can do is document the potential pitfall, which we have already done.
We'd appreciate it if you did ask for our support before filing a review. We could have explained as much and told you exactly what you need to do (or point you to the documentation pages with more thorough instructions).
On the other hand, the google bots will be blocked. I asked for this issue and you know what? they told me that I had to put the bots IP's in the whilelist, no way!. By the way, there are a rude people over there.
Finally it has a lot of false positives, you don't know if your site has been accessed for a non dangerous spyder or an offender.
I purchased this tool in order to save some bucks, but I was fine with OSE Security Suite, too bad. Now I will purchase it and I will install it in all my sites again.
I hope this be useful for others.
I told you that you need to read the documentation where it says that you have to enable the "Allow site templates" option to not block Google Bot. It also does explain why. You came to the arbitrary conclusion that our software is killing your sites' Google rankings even though you are not using the default site templates. Our documentation tells you that this is immaterial because the Mail To core Joomla! feature (com_mailto) will always use the core templates. Hence the option we tell you to enable in our documentation.
You also complained that it's difficult to set up. It is, if you don't read the documentation. We are very upfront about it. There is a Quick Start chapter which guides you through the basic setup. If there was one site fits all security solution it would have already been included in Joomla!.
I do apologise for my tone in your ticket of January 6th. I was replying in the same tone as yours. I recognise it was a mistake.