- Restrict administrator with a secret URL parameter
- Web Application Firewall to block common exploits (SQL injection, XSS, DFI, RFI, malicious user agent, CSRF/spam-bot protection, uploads scanner)
- Bad word filtering
- IP Whitelisting for the administrator section
- IP Blacklisting
- Geographic block (deny access to specific countries/continents)
- Modification of Generator meta tag and other sensitive HTTP headers
- Email on administrator login
- Block front-end Super Administrator log-in
- Block Super Administrator user modification
- Block extensions installation
- Block visual fingerprinting (tmpl, template and tp URL parameters)
- Integration of the Bad Behavior anti-spam library
- Project Honeypot IP blacklist integration
- Automatic IP blocking of repeat offenders
- Email notifications of all detected security issues
- URL redirections (exclusive support for query parameters!)
- Scheduled site maintenance operations
The software is GPL; buying a single subscription you can install it on as many sites as you want and keep it running even after your subscription expires, without encrypted code, domain limitations or other such nuisances.
If nothing you should get the product for the unbelievable support you get from Nicholas. In addition there is a knowledge base you can use to try and find the answer to a possible problem.
As far as the extension goes, it has some really cool options especially in the WAF.
Of course, I went over the top in my setup (that is what I do) on that and promptly locked myself out of the site. No problem, I went to the knowledge base and immediately new how to fix the situation.
The builder of htaccess files is awesome, link to Bad Behavior use(search for Bad Behavior extensions, they were pulled from this site a couple of years ago because of a code issue with core Joomla! This software is running just fine), Honeypot implementation and more. You can black or whitelist specific ip addresses, as well as lock out entire country ips. You can plan for what to do if there are security exceptions; ban them after a certain number of tries, email you when it happens, and so on. Go ahead and google this extension to see what you find. I would be hard pressed to find something negative about it.
Don't be stupid, just buy it. I just wish all commercial extension people stood behind their product like Nicholas does.
I read the reviews of Admin Tools Professional & decided to try it.
This is the best extension I have ever purchased. It is very reasonably priced, installed without any problems, was easy to configure and came with great support documentation.
I've had no more instances of hacking so far (hope this continues).
If you have a joomla site then you need this extension too.
Thank you ...
It is extremely helpful. It allows you to do most of the important things to protect your Joomla site very easily. It is not a substitute for knowing what you are doing, and it is a really good idea to read the documentation - which thankfully is is quite thorough. But if you have a basic understanding of site security it is very useful indeed. I find the log format particularly helpful, you can see exactly attacks are taking place on your site.
I definitely recommend this extension.
This extension has it all: htaccess-maker, Web Application Firewall, protection for spam, SQL injection, CSRF-shield etc., blocking options and even more.
You really need to read the documentation but trust me, it's worth the effort and you will understand this extension a lot better.
Support is without doubt the very best in the Joomla community, Nicholas is a great guy and gives you all the support you need and even more! Absolutely recommended!
I really need to put some effort into customizing the config, but it did appear to solve my initial problem straight "out of the box".
There are also some very handy tools included. I always use the .htaccess maker, which creates a detailed and good .htaccess file within minutes. Also the permission repair and database optimize functions are really handy. Just a couple of clicks and you're done.
Meanwhile the Admin Tools plugin does some automatic maintenance: session optimizer, cache cleaner, temp directory cleaner (improves security) and more. Keeping your site in good shape at these points.
It's advised to read the manual to get the most out of this component. Also don't just enable something if you don't understand it. For example some of my clients couldn't add Joomla users, because Admin Tools blocked it to improve security. Just turn the setting temporarily off and you're good to go.
Support is AWESOME and Nicholas often replies within minutes. Problems are most of the time solved within minutes or hours. To sum it up: Admin Tools Pro is a must-have extension, I wouldn't trust my site without it! Keep up the good work Nicholas!
I love the Web Application Firewall and the .htaccess generator!
Stable and essential component for helping to protect the confidentiality, integrity, and availability of one's Joomla installation.
Some of the settings can be confusing. There needs to be more tool-tips and hover-text provided for every option that clearly explains what they're for.
A no-brainer. EVERY Joomla Admin should have this component. This should be part of Joomla core!
Admin Tools has many features, and raised the security of our web site to the highest level, because site is a joomla, this component essential.
Automatic block users who attempt to invade and to report to the selected e-mail / mobile phone if something that I like the most. Admin Tools Professional is like swiss knife for Joomla, need to have installed.