HttpHeader Plugin This Joomla Plugin implements an UI Layer for the HTTP Security headers so everyone can set and configure them from the backend. Features This Joomla Plugin helps you to set the following HTTP Security Headers. - Strict-Transport-Security - Content-Security-Policy - Content-Security-Policy-Report-Only - X-Frame-Options - X-XSS-Protection - X-Content-Type-Options - Referrer-Pol...

FetchMetadata Plugin This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers (w3c-spec) Features This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers The implemened rules are: - Step 1: Allow requests from browsers which don't send Fetch Metadata - Step 2: Allow same-site and browser-initiated requests - Step 3: Allow simple top-...

Force2faUsergroup Plugin This plugin allows to force users to set up 2FA in a specific user group. Features This plugin allows to force users to set up 2FA in a specific user group. Setup the groups to force a 2FA setup on the next login. Configuration Initial setup the plugin Download the latest version of the plugin Install the plugin using Upload & Install Enable the plugin System...

WEBSITE BLACKLIST CHECK AND MONITOR Google blacklists more than 12,000+ websites every day. You can loose up to 99% of traffic if your website has been blacklisted. Google protects its users from dangerous websites that may show up in search results and if your website has dangerous behaviour it gets banned by Google and you loose customers and visitors. Google Chrome blocks all your visitors fro...

Note: now you can download the Joomla 5 plugin. One of the first things we should do when we put a Joomla site into production is hide access to the administrator . Nobody should access the /administrator folder of your website , neither curious, nor robots nor of course hackers. It is necessary to hide that folder for safety and also for a bit of modesty. Joomla does not have that option by de...

Invisible reCAPTCHA serves to protect websites from spam and automated abuse while maintaining a seamless user experience. Here are some key purposes and benefits: User Experience: Minimal Disruption: Unlike traditional CAPTCHAs that require users to solve puzzles or checkboxes, Invisible reCAPTCHA works in the background, allowing legitimate users to interact with your site without interruption...

SMS & EMAIL OTP VERIFICATION - Email and SMS authentication This plugin makes it a breeze for your website to verify if someone signing up or logging in is truly who they claim to be. It works by sending a special code to their email or phone, which they must correctly enter to confirm their identity and ensure they're not using a bogus account. This not only keeps scammers at bay but also enhanc...

HYDRA - human verification plugin. A flexible plugin for checking users that they are not robots. Effectively copes with the task of blocking robots during registration. Suitable for any forms and sites. Visual adjustment of verification codes from the most easily readable to complex, which makes it almost impossible for robots to recognize the image. Additionally, a trap field is invisible to p...

This Joomla backup plugin allows you to save Joomla extension settings: modules, plugins, templates and components configurations. How many times has it happened to modify the settings of a plugin, a module or a template and, after various tests, not being able to go back to the previous configuration? With Params Backup you can save settings of Joomla extension you are editing, and then reload...

Prevent and stop bots traffic, Web Scraping, Tor traffic, Spam Submissions, Web Fraud, Business logic and Denial of service (DDoS). This plugin inserts in your website the CloudFilt codes for the security tracking available on https://cloudfilt.com/. Features **Authentification form** Using your public and private key to connect your Joomla website to your CloudFilt account and enable CloudFi...

The System - Syslog plugin provides logging by sending RFC 3164 compliant messages to multiple remote syslog servers as well as the logging facility of your web server's operating system. Options Log categories: A comma separated list of log categories to include. Common log categories include but are not limited to: database, databasequery, database-error, deprecated and jerror. If empty, all c...

Shack Error Notify will rescue you from serious site problems. This plugin will send automatic notifications if anything goes wrong with your Joomla site. We have used this plugin at Joomlashack for years, and it has saved us on many occasions. It is easy to miss site errors, but Shack Error Notify catches them all! You will get an email describing what went wrong on your site, and showing you wh...

ALPHASCRAMBLE 2.0 - nothing remains undetected With ALPHASCRAMBLE, you can create a snapshot (current state) of your website. Every change to this structure triggers an alarm. Additionally, potential malicious files are placed in quarantine and new registries are deleted. Problem: Once your website is online, you will not immediately notice when a hacker attack has taken place. Especially if you...

This simple and very powerful tool can detect fakes links, hidden texts, iframes, JavaScripts codes and redirections. After reviewing the scan report, you can easily remove failed links and suspicious codes from the pages of your Joomla website. Hidden links, injected JavaScript codes – all these can negatively affect the SEO of your website. As the result your site will lose its position in G...

On request redirects Joomla Manager at Google, on the first line out not working manager redirects Joomla In fact it is not. It works, but not as you think. Firstly, it should be included plug - System - Redirects. Second plug-in works only when the link is included in the 404 !!!, that is, page does not exist. If you want to redirect the existing link, you will not come out. This is justified...

Did someone clone me protects your website and visitors against phishing attacks. It will send you a notification when someone clones your website. In order to activate the service, take the following steps: – Go to the website https://didsomeoneclone.me and generate a personal link. – Embed the personal link into the website using the Joomla! plugin settings. If a clone is detected, the web...

VikSecure is an extension that offers a lot of security services to protect and sanitize your Joomla! website from hackers, bots and malware. Given the strong relation between the Joomla! framework and Vik Secure, the extension can be installed starting from Joomla! 3.5.0. Reports : keep track of the actions performed by the users that try to do something suspicious. Admin Token : protect you...

An Intrusion Detection System(IDS) is a software that monitors a host and notifies you of suspicious activity, in this case your Joomla website. Such suspicious activity can be a sign that attackers are trying to find a security hole to exploit on your Joomla website, or have already hacked into it. IDS detects Cross-site scripting (XSS), SQL injection, header injection, Directory traversal, Rem...