- Site Security

Akeeba Backup

Akeeba Backup

Free | Site Security | Akeeba Ltd
3
Score:
100
996 reviews
Akeeba Backup Core is the most widely used open-source backup component for the Joomla! CMS. Its mission is simple: create a site backup that can be restored on any Joomla!-capable server, making it ideal not only for backups but also for site transfers or even deploying sites to your clients' servers. Akeeba Backup creates a full backup of your site in a single archive. The archive contains all the files, a database snapshot and an installer similar in function to the standard Joomla! installer. The backup and restore process is AJAX powered to avoid server timeouts, even with huge sites. Alternatively, you can make a backup of only your database, or only your files. Akeeba Backup is the reliable, easy to use, open source backup solution for your Joomla! site. Akeeba Backup has won six J.O.S.C.A.R. awards at J and Beyond. Download it for free to find out why! Joomla! 3.4 and later, PHP 5.4 and later (including PHP 7). We have older versions for Joomla! 1.5 to 3.3 and older PHP versions on our site. Features: The Configuration Wizard configures itself for optimal operation with your site, automatically. The fastest and most reliable native PHP backup engine. One click backup. Integrated restoration for same server restoration. Site transfer wizard. Transfer your site between servers fast and easily. Restore with Akeeba Kickstart (free of charge script): restore extracting the backup directly on the server; no need to upload thousands of files by FTP! Choose between standard ZIP or highly efficient JPA archive format. Exclude specific files, folders. Exclude specific database tables or their contents. Unattended backup mode (CRON job scheduling), fully compatible with Webcron.org Archives can be restored on any host. Useful for transferring your site between subdomains/hosts or even to/from your local testing server (e.g. XAMPP, WAMPServer, MAMP, etc). and much, much more! Note: The Akeeba Backup Core component is free of charge, its support is not. We can't tell you what you need to get support because of JED censorship, but you can find out about it on our site. In any case, Akeeba Backup's documentation, video tutorials, troubleshooting wizard and reading the public tickets is free of charge. *** IF YOU CAN'T FIND HOW TO ENABLE A FEATURE LISTED HERE, PLEASE READ THE (FREE) DOCUMENTATION AND WATCH OUR VIDEO TUTORIALS! ***
c m p
ECC+ - EasyCalcCheck Plus

ECC+ - EasyCalcCheck Plus

Free | Site Security | Viktor Vogel
3
Score:
100
164 reviews
Protects Joomla! core forms and 3rd party extensions through the integration of anti-spam services and adds an arithmetic problem, a question, a hidden field and a time lock. With the powerful custom call feature every form can be protected in Joomla! with a special syntax. Integrated external antispam services: Google ReCaptcha, Akismet, Honeypot Project, StopForumSpam, Mollom, Bot-Trap, Botscout Protects the backend via a token. Only with the right token, the administrator login site can be opened! Also included: SQL Injection and Local file Inclusion protection. Have fun and NO spam! :-) Download Joomla! 3 - https://joomla-extensions.kubik-rubik.de/downloads/ecc-easycalccheck-plus/joomla-3 Support The extension is completely free, but you need a subscription for support: https://joomla-extensions.kubik-rubik.de/subscription
p
AdminExile

AdminExile

Free | Site Security | Michael Richey
3
Score:
100
135 reviews
Your /administrator area is vulnerable - secure it with AdminExile. Access keys, IPv4/6 Black/White Lists (IP and CIDR netmasks supported), Brute Force detection. AdminExile has you covered. The AdminExile Plugin has long been a favored and highly rated extension in the JED. Read the reviews, check out the 9 pages of documentation, and then try it yourself. Key features: * Access key(s) - key only, or key + key value. Others provide one or the other. AdminExile provides BOTH. * Front-end Restriction - Restrict certain accounts from logging into the front-end with accounts intended only for back-end use. * Lost Key Recovery - Useful for individuals using extremely difficult keys, or teams who change the keys frequently. * IP White and Black Lists - Use individual addresses, or CIDR netmasks to define your lists. * Brute Force Protection - Penalize users who abuse your system. * Management of blocked addresses - See a list of blacklist attempts and bruteforce attempts, as well as the ability to reset those IP addresses. * Admin Notification - When abuse comes from a blacklisted address or brute force is detected, an administrator can be sent a notification. * Stealth Mode - Prevents tell-tale signs that something exists at /administrator, like the session cookie! There are far too many features to describe in this page. Visit the documentation link to get the bigger picture. Version 2.3.0 - additional error handling for invalid IP address/subnets typed in configuration - new IP configuration interface (With automatic sorting) and IP validation Version 2.3.1 - fix include path issue experienced in older PHP versions Version 2.3.2 - PHP Dynamic Loader enhancements (Thanks Richard B.) Version 2.3.3 - fixed include path error Version 2.3.4 - silenced unneeded warnings Version 2.3.5 - resolved errors introduced by J3.3.1 and J2.5.19 Version 2.3.6 - resolved jQuery chosen issues All of my extensions are free and none of my extensions display advertisements or links to my sites or services. If you feel that I have blessed you, then you can bless me by making a contribution to fund future development. Visit the "Website" link to make a contribution.
p
KeyCAPTCHA

KeyCAPTCHA

Free | Site Security | Mersane, Ltd
3
Score:
100
125 reviews
KeyCAPTCHA - CAPTCHA with social features. You may support charity funds by using KeyCAPTCHA. Unlike many other captchas, it does not require any text typing. Free Variants of Using KeyCAPTCHA: 1. Anti-spam protection. Social advertising. Monetization through commercial ads. 2. Anti-spam protection. Monetization through commercial ads. 3. Anti-spam protection. Social advertising. 4. Anti-spam protection without any ads. Social features: You may support charity funds by enabling social advertising in KeyCAPTCHA. Also you can earn money by specifying social and commercial advertising shares in KeyCAPTCHA on your website. Integration with Joomla extensions: * Standard Joomla Registration, Contact Us, Reset Password and Remind Username forms * JComments * VirtueMart forms: Registration, Checkout, Ask Question !!! * JoomShopping * Community Builder (CB comprofiler) Registration and Forgot login forms * JomSocial registration form * AlphaRegistration * K2 Registration form * DFContact * ALFcontact * Phoca Guestbook * Easybook Reloaded * K2 Comments * yvComment * JXtened comments * FlexiContact * JoomlaDonation * Compatible with RocketTheme templates * ChronoForms (up to 3.x) * AdsManager * QContacts * Job Board * Mosets Tree (review form) * HikaShop * JWHMCS Integrator * JoomGallery KeyCAPTCHA Unique Technologies: * Instead of guessing symbols, our CAPTCHA offers visitors to complete an easy interactive task. * If KeyCAPTCHA hasn't been solved correctly, page refreshing doesn't take place that allows the user not to fill in the form repeatedly. It occurs since there is an initial checkup of CAPTCHAs in the KeyCAPTCHA servers before sending a filled-in form to the protected web server. * Our CAPTCHA also can be used even if your hosting provider blocks all outgoing connections. Installation: 1. Register on and log-in to our site https://www.keycaptcha.com 2. Add your site URL to a Site list. 3. Follow the CAPTCHA installation instructions in our Wizard. Upgrade: To upgrade KeyCAPTCHA plugin you have to uninstall the previous version.
p
Securitycheck Pro

Securitycheck Pro

Paid download | Site Security | Texpaok
3
Score:
100
54 reviews
Securitycheck Pro is a global protection suite designed to protect your website without affecting your server's speed. This version includes: A modular interface to manage the entire extension quickly and easily. Web Firewall The web firewall has been tested against more than 90 SQL, LFI and XSS attacks patterns, and includes the following features: Ipv6 supported. Blacklist (ip range allowed). Whitelist (ip range allowed). Dynamic blacklist. Events recording, which can be viewed by admins from backend. Alert or strict mode. Redirection to a default page or drop connection if an attack is detected. Second level protection to find suspect words (with editable list of suspect words). Base64 check. Email notification. Filter exception, mode and priority selection for greater flexibility. User session protection. Session hickjacking protection. Export logs in csv format. File Manager You can check file/folder permissions and easily view misconfigured configurations. Any problem? Click 'Repair' button and permissions will be corrected. File Integrity Thousands of files in our Joomla website, how to know if one of them is modified? With File Integrity you will be alerted when a change occurs in any file. Malware scanner The most advanced malware scanner on the market. Look for suspicious patterns, known malware filenames and files with multiple extensions and check them against an online service with 40 anti-malware engines and millions of hashes on it databases. And all with two clicks! .Htaccess protection Lot of traffic from bots? Block malicious user-agents and increase overall security esily with this feature. Want to hide your backend url? Add a secret key to your admin page to prevent dictionary and brute force attacks. Track failed login attempts We can monitorize failed login attempts from backend and frontend and take actions against them. Email on backend login You receive an email every time someone access to the backend. Forbid new administrative accounts Even if they are created not using the Joomla backend. Geoblock Forbid troublesome countries' access to your site this feature, which allows us to block IP addresses based on its geolocation. Upload scanner We can check uploaded files looking for files with multiple extensions and forbid certain extensions. Remote Management Manage the extension remotelly from a centralized console. Rules Management Trusted users? Now you can choose to which groups apply Web Firewall rules. Cron Plugin Get files status without afecting QoS. Launch File Manager or File Integrity tasks when your server has less workload. Module Info Check your Joomla security status at a glance. Vulnerabilities checking Securitycheck Pro performs a check of the versions of all the components, plugins and modules of your Joomla installation, comparing them with its database to show if there are vulnerable extensions. Forget individually test of every extension to avoid vulnerabilities: Securitycheck Pro does it for you. Vulnerabilities database Securitycheck Pro incorporates a database where you can see all the vulnerabilities known to our version of Joomla. This database is constantly updated to include the latest vulnerabilies. Akeeba Live Update integration We have included this feature to easily manage and update new releases. Performance This feature has been designed to improve Joomla's performance. Now we can optimize and repair our mysql database.
c m p
SecurImages Captcha Plugin

SecurImages Captcha Plugin

Paid download | Site Security | Ideal Extensions
3
Score:
100
37 reviews
This Captcha plugin works with any Joomla extension capable of using the Joomla core captcha plugin system. It uses the Securimage PHP CAPTCHA script for generating complex images and CAPTCHA codes (including math challenge) to protect forms from spam and abuse. It can be easily added into existing forms on your Joomla 2.5, 3.x or newer website to provide protection from Spam bots. It can run on almost all web-servers as long as you have PHP installed, and GD support within PHP. SecurImage does everything from generating the CAPTCHA images to validating the typed code. Audible codes can be streamed to the browser with Flash for the vision impaired. Features: Works with Joomla Registration and any other extensions that is compatible with Joomla captcha plugin system; Works with Contact Enhanced, iRecommend, Ajax Recommend and Ajax Contact; Customizable code length, character sets, and Unicode support; TTF font support. You can choose the font you want to use; Very easy to customize colors; Easily add background images; Easily add signature to images; Several security features such as image distortion, random lines, and noise; Flash button to stream audible codes in WAV format; Ability to use a word list; Add a word list in your language to /plugins/captcha/securimage/lib/words/ Display alphanumeric captchas, or simple math problems; Highly customizable! Screenshots Alphanumeric captchaSecurImage Math Challenge Online demo: Support Form Installation Install the plugin by accessing the administration menu of the back-end under Extensions. Then access Extensions → Plugin Manager, look for Captcha - SecurImage and customize it to your needs. Don't forget to enable it! The default installation file do not come with the audio files in order to keep the installation file under 2Mb (on some servers files over 2Mb are not uploadable). Download audio files: Noise files. Unzip and upload the files to /plugins/captcha/securimage/lib/audio/noise/ Audio: Unzip and upload the files to /plugins/captcha/securimage/lib/audio/ English (en-GB); Dutch (nl-NL); Italian (it-IT); Portuguese (pt-BR); Usage: We've tried to make it very simple to use Captcha. Select Extensions → Plug-in Manager from the drop-down menu of the Joomla! Administrator Panel. Go to Global Configuration, and select the "Site" tab. Choose "SecurImage" in your "Default Captcha" field. Click Save & Close. Go to your Plugin Manager. You can find this under Extension Manager along the top menu or in the buttons on the main page of your Administrator panel. Edit the Plug-In "Captcha - SecurImage" Set Status to "Published" Change the settings accordingly to your needs. Below is a screenshot of all the available settings;
p
Brute Force Stop

Brute Force Stop

Free | Site Security | Bernhard Froehler
3
Score:
100
36 reviews
This plugin provides means to avert Brute-Force-Attacks on your Joomla-Installation. For this purpose, the plugin stores information on failed login attempts, so that when reaching a configurable number of such failed login attempts the attacker's IP address can be blocked. Furthermore, you can configure notifications about failed logins and blocked IP addresses, as well as a configurable (optionally even adaptive) delay for a failed login attempt. The component included in the package will allow you to view the blocked IP addresses and manage them, manage whitelists of IP addresses which will never be blocked, viewing failed log attempts and testing the notification. New in Version 1.3.0: - Allow showing IP address in blocked message - Show hint to use reset password functionality - small fixes For a full list of changes in each version see the Changelog at https://github.com/codeling/bfstop/blob/master/CHANGELOG Contributors: - pt-PT/pt-BR translations and various fixes by solrac (comproperty247(at)gmail.com) - ca-ES translations by nouespai - fr-FR translations by Flying_Lolo - nl-NL translations and various fixes by Rob van Baal (info(at)fischertechnikclub.nl/http://www.fischertechnikclub.nl) - es-ES translations by Aimagen (info(at)aimagen.com) - ru-RU translations by Raven (ravencrow(at)mail.ru) - it-IT translations and various fixes by Stefano Buscaglia (info(at)binarioetico.org/http://www.binarioetico.org) - old nl-NL translations by Agrusoft
c p
R Antispam

R Antispam

Free | Site Security | Ratmil
3
Score:
100
32 reviews
"R Antispam" is the only Joomla antispam extension for Kunena forums that uses a Bayesian algorithm. This means that spam recognition is improved over time. It can be adapted to prevent spam in other extensions. It works better if integrated with Akismet. You can get an akismet key at akismet.com. And if you think that you have to pay for a key, better look again and you will find that you can get it for free. The extension adds a reference to the developer's site, but you can remove this in configuration.
c p
SpambotCheck

SpambotCheck

Free | Site Security | Aicha Vack
3
Score:
100
30 reviews
This plugin stops spam at the very source. It leverages major DNS and e-mail black list providers to prevent spam sources from registration and login into your site. SpambotCheck delivers you real-time spam protection which is constantly and diligently being worked on by various international nonprofit organizations. Feature Overview SpambotCheck offers simple opt-in configuration for: black list providers to use Points of impact to survey (registration, registration and login) Spam ID information to use (IP, e-mail address and/or username) SpambotCheck allows you to maintain your own personalized local listings: whitelist (e-mail and/or IP) blacklist (e-mail) Get an instant overview of spam attacks targeting your site: Log, view and edit spam attack information Receive incident notification via e-mail Registered users who show suspicious behavior are labeled accordingly Currently supported black list providers: stopforumspam.com projecthoneypot.org sorbs.net spamcop.net Languages: English German Spanish French Italian Estnian Portuguese SpambotCheck is a small, concise and most importantly a non-invasive plugin, that already offers you about 99.5% efficiency in spam attack protection. The plugin does not need to inspect any contents and therefore is suitable in all situations where there is not any mail text or submission text available. And even if you are dealing with text submission in forums and blogs, as long as registration and/or login is required, you might consider to use SpambotCheck in combination with additional content analyzing tools that run afterwards. SpambotCheck would then be acting as the outer most tier of any composed spam protection stack that provides you with the highest site protection level possible. Support issues or feature requests are very welcomed at our SpambotCheck user forum. A special version of SpambotCheck is already bundled with our custom form creator 'visforms' to protect all your exposed custom made forms right from the start. Your Contribution Matters If you happen to encounter the unlikely case to be one of the first targets of a yet unlisted spam source, feel free to report to one of the above mentioned black list providers. SpambotCheck's own enhanced users view provides you with all information you need to easily file a report. Release Notes: March 24, 2015 Changes for Version 1.3.13 (Joomla! 3.x): Removed provider spambusted.com as it stopped its service. Bugfixes concerning both blacklist and whitelist. Bugfixes concerning the various filter functions of the component's data views. Code was thoroughly refactored and comprehensively automatically tested. Most Recent Release History: February 10, 2014 Changes for Version 1.3.12 (Joomla! 3.2): Bugfix for Joomla! 3.2.2 UsersHelper::getActions() was changed in Joomla! 3.2.2 and calling it threw a fatal error. Version is only compatible with 3.2.2 or higher (For Joomla 3.0 to 3.2.1 use Version 1.3.11). October 18, 2013 Changes for Version 1.3.11 (Joomla! 3.0): Only check e-mail whitelist when an e-mail is passed. Only check IP whitelist when an IP is passed. Changes for Version 1.1.11 (Joomla! 2.5): Added e-mail blacklist and added a component with several views to manage suspicious users and logged spam attack data. June 19, 2013 Changes for Version 1.3.10 (Joomla! 3.0): Handled deprecated and modified functions in Joomla! 3.0. Changes for Version 1.3.10 (Joomla! 3.0) and 1.1.10 (Joomla! 2.5): Included script.php to handle flawless auto update. Changed all tags for language files to a Joomla! compatible format. General refactoring and minor bug fixes. April 11, 2013 Changes for Version 1.3.9 (Joomla! 3.0) and 1.1.9 (Joomla! 2.5): Improvements in finding all super administrators. Integration of new Joomla! Updater (you can use the update function of the extension manager to find and install updates). March 21, 2013 Changes for Version 1.3.8 (Joomla! 3.0) and 1.1.8 (Joomla! 2.5): New parameters added to specifically control admin e-mail notification about spam attacks. Include full user information (username, e-mail and IP) when logging spam attack information into the database (some of this information haven't been stored in previous versions). Changes for Version 1.1.8 (Joomla! 2.5): Allow generic e-mail in the whitelist. The e-mail whitelist is now a text area having more space. Check cUrl availability during installation (which was already available for Joomla! 3.0). January 14, 2013 Changes for Version 1.3.7 (Joomla! 3.0) Compatibility for Joomla! 3.0. Allow generic e-mail in the whitelist. The e-mail whitelist is now a text area having more space. Check cUrl availability during installation (which was already available for Joomla! 3.0).
c p
Email Protector

Email Protector

Free | Site Security | Regular Labs
3
Score:
100
21 reviews
Email Protector - Safely cloak email addresses in Joomla! Email Protector cloaks email addresses in your Joomla! website, making them unreadable for spambots. Email Protector is a replacement for the Joomla! core email cloaking plugin. The core email cloaking plugin has a couple of issues and shortcomings. Email Protector solves these issues. NO MORE JAVASCRIPT ISSUES The core email cloaking plugin uses the javascript document.write method, which is outdated and can cause issues with other javascripts. It also relies solely on javascript to cloak the email addresses, which means that if the javascript fails for whatever reason, you cannot see the email address at all. Email Protector cloaks the email addresses in a different manner which solves this issue. It uses both CSS and javascript to cloak the email addresses. When javascript fails to load, it will still display the email address to the visitor, but in a cloaked manner. NOT ONLY IN ARTICLES The core email cloaking plugin is a content plugin. This means it only works in articles and content that is specifically passed through the content plugins. As a result this often means that email addresses in modules and 3rd party extensions are not cloaked. Email Protector is a system plugin and is written in a way that it will cloak email adresses in your entire website. So also in modules and 3rd party extensions. LEAVE IT LIKE IT IS The core email cloaking plugin has the option to convert all email addreses to mailto links or display them as plain text. Email Protector has an extra (default) setting to leave the email addresses as you create them in the content. So if the email address is a mailto link, it leaves it as a link. And when it is only text, leave it like that. How to use it: https://www.regularlabs.com/emailprotector PS: Regular Labs was formerly known as NoNumber
p
LazyDbBackup

LazyDbBackup

Free | Site Security | Robert Gastaud
3
Score:
100
20 reviews
LazyDbBackup is based on LazyBackup by Stefan Granholm. (GNU/GPL 2 or over license). This plugin was internationalised (for Joomla! 1.5 and 1.6) and modified to run with Joomla! 1.6 and now Joomla! 2.5 (Joomla! 3.4.6 too). Two versions: PDO (doesn't work on some servers) and Mysqli. All versions come now with English, French, German translation files (thanks to Nathalie Laurent (n-at-work.net) for this German translation) and now Spanish translation by Jorge Ferreira (jorguito.com). 2012-12-20 : added italian translation by Giovanni Roli. Its purpose is to backup your Joomla! (only MySQL) database and send the backup file by e-mail. One parameter allows you to deactivate the e-mail feature; the backup files are then kept in a special folder which you can download by FTP when needed. Version 1.5.5 for Joomla! 1.5 Version 1.6.5a for Joomla! 1.6 and 1.7.0 Version 2.5.0a for Joomla! 1.6/1.7/2.5 2011-07-09: corrected bug when sending backup to multiple email addresses (thanks to Gerald Berger) 2011-12-23: 2.5.0 now Joomla! 1.6/1.7/2.5beta compatible 2012-01-19: 2.5.0a Joomla! 1.6/1.7/2.5 compatible 2012-09-26: 3.0.1 Joomla! 2.5/3.0 compatible 2013-11-18: 3.1.2 Joomla! 2.5-3.2 compatible 2015-03-17: 3.4.2 2 versions 2.5-3.4 compatible PDO and MySQLi 2016-03-25: 3.5.1 Joomla! 3.5 compatible; allows you not to delete backup file after mailing it 2016-07-08: added dutch translation, thanks to Eric Swinnen
p
Incapsula

Incapsula

Free | Site Security | Shay Zalman
3
Score:
100
8 reviews
Incapsula Website Security and Performance component allows you to manage your website security, performance and content delivery from your Joomla Admin. The service includes, improved website performance and more… Incapsula Website Security and Performance component includes: Website Security – Instant Virtual Patching: Incapsula's unique bot detection technology protects Joomla websites from intruding comment spammers, fake registrations, site scrapers and other threats. Leveraging a unique crowd-sourcing security model and an extensive real-time knowledge base of website attack patterns, new vulnerabilities are quickly detected and are released to mitigate these threats. Website Performance – Global CDN & Optimizer: Incapsula's global CDN improves website performance by caching and optimizing its content and delivering it directly from the Internet’s backbone. On average, websites using Incapsula are 40% faster and consume 50% less bandwidth. Advanced Analytics - Performance and Threats Statistics: Incapsula's dashboard includes live stats for all website traffic, including human visitors, bots, performance statistics and detailed threat reports.
c p
Admin Tools

Admin Tools

Free | Site Security | Akeeba Ltd
3
Score:
99
188 reviews
Admin Tools is a true Swiss Army knife for your site. Our freely available Admin Tools Core will detect, notify you about new Joomla! releases, fix your files' and directories' permissions, protect your administrator directory with a password, change your database prefix, migrate links pointing to your old domain on-the-fly and perform database maintenance, all with a single click. Written and maintained by the same developer as Akeeba Backup and the Joomla! updater component of Joomla! 2.5.4 and later. Note: a commercial edition (Admin Tools Professional) with extra security-oriented features is also available from our site for a fee. This listing is about the free version, Admin Tools Core. Note 2: The software is free of charge, its support is not. You need a subscription to request support. However, its documentation, the troubleshooting wizard and searching the public tickets is free.
c m p
OSE Anti-Virus™ for Joomla!

OSE Anti-Virus™ for Joomla!

Paid download | Site Security | Open Source Excellence
3
Score:
98
20 reviews
Licence: GPL V2, you can install it into UNLIMITED websites FOREVER! No License Restrictions! No more IONCUBE! * After you buy the software, you can use it FOREVER (INDEFINITELY) * You can download all upgrades within 1 year. * You can receive our support within 1 year. Update: OSE Anti-Virus Version 5.3.0 - 5.3.1 * New Feature -- Added a separate scanning function for ClamAV scanning function. Product Descriptions: An Ajax powered Anti-Virus Joomla component that helps you to scan malicious codes in the files on your server. After you buy the software, you can use it FOREVER (INDEFINITELY). You can download all upgrades within 1 year. You can receive our support within 1 year. Scans web virus (e.g. hacking codes, shell codes, iframe injections) in PHP, HTML, Javascripts, Text files, etc. on your server, specifically, professional in scanning Gumblar.cn and Martuz.cn codes. If Gumblar.cn and Martuz.cn is found, it will give options to remove the codes automatically if your server allows write access to the files. Not only scans files in the Joomla system, but also scans files of other system that are installed in the same server. You can customize the web virus definitions to improve the detecting power of the tool! Technical features: 1. The component is an open source software. You can add your own virus definition codes to the kernel to fit your requests and improve the scanning power. This software can scan various web viruses on your server and supports most of the types of files on the server including PHP, HTML, Javascripts, etc. You can easily configure which types of files to scan under settings. In addition, The component is installed under the Joomla! system, while it’s competent to scan all files on the server even under the different systems. The scanning and cleaning which is a two-step process is convenient and controllable. After the scanning process, the software will provide a list including all suspicious files and the type of the malicious codes. You can opt to clean some or all of the altered files from the list and it will provide a final report for the cleaning result. The malicious codes will be striped and sanitized and it won’t impact the normal running of your websites. One-click restore function. The software will store the original files in a quarantine folder after cleaning the malicious codes for the need of restore. If you believe the Anti-Virus reports some false positives, you can easily restore the files b
c
SP Staging

SP Staging

Paid download | Site Security | KAINOTOMO PH LTD
3
Score:
98
14 reviews
SP Staging is a tool with the ability to manage remotely all Joomla! extensions from a central coordinator site on all your Joomla! sites. Imagine using the core Joomla! Extensions Manager with all its functionality (install, find updates, update, upgrade Joomla! etc), but instead you can control all your sites from one place. So in summary with SP Staging you can: Manage extensions remotely from a single place, Use your own site as a coordinator. That way you do not share your sensitive sites data with us, or anyone else!!! Update simultaneously your extensions to many sites, Install simultaneously zip package files to many sites, Remote backup. Monitor your sites, and services healthiness. Execute SQL queries, and PHP scripts under Joomla! environment remotely!!!
c p
Custom reCaptcha

Custom reCaptcha

Free | Site Security | Olivier Buisard
3
Score:
98
4 reviews
Custom reCaptcha is a plugin that gives you control over the look of the Google's reCaptcha widget. It can replace the standard reCaptcha plugin packaged with Joomla! reCaptcha from Google is a 'one-size-fits-all-designs' widget that does not offer many possible styles. Until now it fit my projects but once I started working on responsive templates, the size of the default reCaptcha themes started being in the way, especially for mobile designs. Nothing is lost, as Google offers a way to get the widget in a 'raw' state and is (almost) fully skinnable (see https://developers.google.com/recaptcha/old/docs/customization). The purpose of this simple plugin is to give you access to the raw widget and allow you to perform your own skinning, right from your template. Hard core stylers and developers alike, go crazy and make it beautiful. Do not hesitate to show off your designs in the forum. The plugin uses version 1.0 of the reCaptcha Google API. That API is no longer supported, although will continue to work. For more information, check Google's FAQ about reCaptchas v1 and v2 at https://developers.google.com/recaptcha/docs/faq. News keys registered at Google will only work for v2 of the reCaptcha API.
p
jSecure Lite

jSecure Lite

Free | Site Security | JSP Team
3
Score:
98
4 reviews
jSecure Lite for Joomla! Drawback: Joomla has one drawback, any web user can easily know if the site is created in Joomla! by typing the URL to access the administration area (i.e. www.sitename.com/administrator). This allows hackers to hack the site easily once they crack the id and password for Joomla!. The jSecure Lite component prevents access to the administration (back end) login page if the user does not use the appropriate access key. Easy to install, jSecure Lite adds a layer of security to your Joomla! website.
c p
Admin Tools Professional

Admin Tools Professional

Paid download | Site Security | Akeeba Ltd
3
Score:
97
135 reviews
From the makers of Akeeba Backup Core/Professional and Admin Tools Core, this is the enhanced release of Admin Tools, available on a subscription basis. On top of what Admin Tools Core already offers, Admin Tools Professional has these exclusive features: - Security tightening .htaccess (Apache), nginx.conf (NginX) and web.config (IIS) file generator with a simple yet powerful user interface - Restrict administrator with a secret URL parameter - Web Application Firewall to block common exploits (SQL injection, XSS, DFI, RFI, malicious user agent, CSRF/spam-bot protection, uploads scanner etc) - Bad word filtering - IP Whitelisting for the administrator section - IP Blacklisting - Geographic block (deny access to specific countries/continents) - Modification of Generator meta tag and other sensitive HTTP headers - Email on administrator login - Block front-end Super Administrator log-in - Block Super Administrator user modification - Block extensions installation - Block visual fingerprinting (tmpl, template and tp URL parameters) - Integration of the Bad Behavior anti-spam library - Project Honeypot IP blacklist integration - Automatic IP blocking of repeat offenders - Email notifications of all detected security issues - URL redirections (exclusive support for query parameters!) - Scheduled site maintenance operations The software is GPL; buying a single subscription you can install it on as many sites as you want and keep it running even after your subscription expires, without encrypted code, domain limitations or other such nuisances.
c m p