- Site Security

OSpam-a-not

OSpam-a-not

Free | Site Security | Joomlashack
3
Score:
77
3 reviews
OSpam-a-not is the easiest way to protect your site from spam. OSpam-a-not uses two unobtrusive techniques to protect your forms from a flood of spam. First, OSpam-a-not uses a Time Gate. This is a hidden timestamp that records how long it took to fill in a form. If the form was submitted more quickly than humanly possible, we can block the submission. Second, OSpam-a-not uses a Honey Pot. A text field is added to the form and hidden by adding a style tag at the end of the document head tag. It isn't visible to a human user, but a spambot doesn't see that and fills in the field anyway. If we find anything at all in that field when the form is submitted, we've caught a spambot in the honey pot! And the form is blocked.
p
EasyCAPTCHA_efence

EasyCAPTCHA_efence

Free | Site Security | Brij Mohan
3
Score:
76
2 reviews
efence can do the following for you: 1. Protection against spam and malicious bots that can harm your web resources: efence is an alternative to CAPTCHA which protects your website against spam and makes it fun for the user to solve challenges. It presents an interactive picture based challenge for the users giving them a break from typing those boring twisted characters. It brings in the fun factor while avoiding the serious spam. Moreover it's an ideal spam protection tool for handheld devices. Just ask your users about what they like doing on their mobile or tablet, typing those twisted characters or just touch, tap and slide. The answer would be exactly what efence offers. 2. Guaranteed user engagement with your valued digital advertising and marketing materials: In case of a traditional CAPTCHA, when the user fights with those ugly looking twisted monsters, all that precious time and attention gets wasted with no benefit at all. efence empowers you to capitalize on this precious time and effort. What do you get ? dedicated eyeballs, guaranteed user engagement. This is done by providing great control and flexibility in creating your own branding images for guaranteed engagement. To place your branding images for free, please contact us at support@engageclick.com This is an official efence plugin which lets you embed efence at the most critical places on your website without editing any files. It takes only a few minutes to install and configure the plugin, in order to unleash the immense power of efence. Significant features   - Receive guaranteed attention to your in-house or external digital marketing contents   - Spam protection by an innovative "Captcha" alternative   - Places a customizable spam protection mechanism on your site - customize colors, shape, size and other attributes.   - Audio aid for visually impaired   - Category based customizable challenge options.   - Customer engagement using your own branding images.   - Powerful analytics to understand customer behavior.   - Works in all the browsers (including IE6!).   - Secure channel option for information security.   - Non-blocking, high-performance code. Sign up for efence - http://efence.engageclick.com Take an online demo to get an idea of how efence works as a powerful Captcha alternative ensuring customer engagement. Go Premium If you have custom requirements and need support package, we have an dedicated awesome team that delivers quality customization and support Visit official plugin homepage at http://efence.engageclick.com/selfservice-2/plugin/joomla.
m p
CWD Easy Captcha

CWD Easy Captcha

Free | Site Security | Cations Web Dev
3
Score:
76
2 reviews
CWD simple captcha CWD simple captcha works with Joomla and any other extensions that are compatible with Joomla captcha plugin system. It provides you to: Change captcha image background color Change captcha text color Change difficulty lines color
p
JR Captcha

JR Captcha

Free | Site Security | JoomlaRoad
3
Score:
76
2 reviews
Captcha for Joomla core and custom forms.Inserts captcha in registration,contact,reset password, remind username forms on enabling this plugin.To add captcha in custom forms without changing any existing codes or admin settings, follow the steps mentioned below. Just have to follow 3 steps for core forms. 1.install the plugin 2.publish the plugin 3.choose JRCaptcha on global configuration Integration with All Joomla Forms.
p
Perfect Dashboard

Perfect Dashboard

Free | Site Security | Perfect Dashboard
3
Score:
73
2 reviews
Perfect Dashboard - the one tool you will ever need to manage all websites efficiently. Protect your brand reputation Save 50% of time spent on updates Manage more websites & increase your income Automatic backups Genuine test engine for backups, updates and upgrades Security - keep your website safe from hackers and malware Make the internet a safer place Genuine Test Engine Let’s face it. Updates or ugprades often cause display errors. Testing website manually can be very time consuming. With our Genuine Test Engine you can be more efficient. Perfect Dashboard will perform website test for you and point out where are possible display errors. Genuine Test Engine analyses all changes in website layout, but also checks if all Social & SEO Tags are still in place. And it works with every website in the Internet. To be perfectly secure we are performing backup of your site (we also test integrity of this backup to see if everything is really fine) Automated Backup Verification in Cloud You don’t have a backup unless you know you can use it for website restoration. Restoring every website copy and checking it’s integrity is boring and takes ages. But we want you to be able to concentrate on more important tasks. That’s why we give one-click backup that start a chain of actions which includes coping website, remote restoration, integrity testing and storing backup at chosen storage location. And that’s it. Custom Changes Detector (coming soon) Editing CMS core files is a bad practice & editing extensions code is not recommended. At times, the website's security may be compromised because of that. You are also likely to include additional backups of your files because of that. But there are cases in which it’s difficult to customize website to client’s needs without it. That’s why Perfect Dashboard comes with a Custom Changes Detector. It scans entire code for any modifications. Thanks to that you don’t need to remember yourself to copy these parts of the code to the updated website code. What is more, we provide resources on how to implement these modifications along with good practices, to save you time the next time you will do update or upgrade. Not Limited to Joomla Perfect Dashboard is not limited to any particular CMS. In fact, it has been crafted to work best with Joomla & WordPress (with backups, upgrades and updates included), but you can use Genuine Test Engine with every website in the Internet. Thanks to that you are not limited to any particular technology. Whatever your choice will be, Perfect Dashboard will be there to make your work more efficient. Automated TO DO list Managing multiple websites in a time efficient manner requires excellent organization. Perfect Dashboard helps you boost your efficiency and security. Everyday we check your websites and create a personalized TO DO list for you with all the tasks you need to perform to keep websites you manage secure and safe from hackers and malware. You are one click away from performing backups, updates, upgrades and tests for all your websites. Remote Development Environments (coming soon) Don’t want to update or ugprade live websites? No problem. With Perfect Dashboard you can create a development environment in our cloud and perform an update or ugprade with just one click. We will make a backup of your site and send it to a remote server. Then you can review test results, optionally correct some display errors and publish a new version with just another one click. Git Integration (coming soon) Perfect Dashboard can fit into any workflow. With git integration you can easily include it into any staging process you have. This way, you can enjoy the benefits of Perfect Dashboard without having to change the way your work is organized. Why people use Perfect Dashboard? 80% of websites are susceptible to hacking as their software is not updated or upgraded regularly plus they do not perform regular backups. Perfect Dashboard is a solution to this problem. It’s the one place you will ever need to manage all websites efficiently. It’s designed to work with WordPress and Joomla, but you can use it with every website. It effectively scratches website's security off your list. To protect brand reputation Hackers are getting clever. Getting access to a vulnerable website is just a first step for them. Then, they use this website to infect unprotected computers of people who visit it. Imagine the consequences when it’s revealed that it was your website that had spread malware to others. Regular website updates, upgrades and backups are the easiest way to shield yourself from that risk. Make your website's security your top priority! Every website should be updated Both WordPress and Joomla are great tools to build beautiful, feature-rich websites in an efficient way. But that’s not their main advantage. The best part is that because they are so popular, their security is tested on a daily basis. And every month there is a security fix release. That is why Joomla and WordPress are considered much safer than any custom CMS solution. However, this is true only if the website software is regularly updated / upgraded and the backups are regularly performed. Otherwise, the website becomes vulnerable to hacking and malware. Updating is boring Everybody knows it. First, you need to backup and restore it to check if it’s ok. Then you need to install updates one by one. After that, you need to check if nothing got broken during the update / upgrade and the website is working normally. And finally you have to fix possible display errors. And it gets more complicated if you do not want to perform an update or an upgrade on a live website. Top security can be really tedious. To save 50% time spent on updates But updating doesn’t have to be this way. Imagine a tool that does the backup and automatically restores it remotely. Then it installs all the updates and upgrades and tests the website for you, pointing out potential errors you should fix. All with just one click. And this tool has a name. It’s Perfect Dashboard. To manage more websites & increase income With Perfect Dashboard, every web developer can become a professional website maintenance provider and offer management services and top security at compelling prices. This turns one-time clients into a recurring source of income. Branded reports, that can be generated from Perfect Dashboard, help to show what actions has been undertaken and make a great attachment to a monthly invoice. To make the Internet a safer place But it’s not only about the money. It’s about making the Internet a safer place. It’s about how decision makers see Joomla and WordPress. Right now, their reputation is tarnished as, according to recent research, every minute some outdated WordPress/Joomla website is being hacked and malware is being installed on them. Typically they do not have any backup or if they do have one it is outdated. We want to change this and prove that a regularly updated Joomla or WordPress is far more secure than most custom CMS. But we need your help. Together we can accomplish this goal and prove that a CMS security we are working with is rock solid. How to update Joomla 1.5 and 2.5 with Perfect Dashboard Officially, Perfect Dashboard supports Joomla 3.x only. However, here’s a trick how to use Perfect Dashboard test engine with older Joomla versions. 1. Do the backup using third party plugin/tool (Akeeba Backup recommended) 2. Add your website as “other” on Perfect Dashboard 3. Generate test 4. Update / upgrade your website manually from admin panel 5. Go back again to Perfect Dashboard and run test 6. Review the test results and fix the bugs, if needed And it's all done! For now, using Perfect Dashboard with older Joomla versions, lets you to save time while testing. However, we plan to support Joomla 1.5 and 2.5 (including backups, updates and upgrades) in the nearest future.
c
yKhoon Block Failed Login

yKhoon Block Failed Login

Paid download | Site Security | YK Lim
3
Score:
73
1 review
yKhoon Block Failed Login is an extension that will automatically blocked your visitor IP Address or user account when your visitor exceeded certain number of failure login. When your visitor are blocked, they cannot browse or access your web site for a certain period of time. After that, the extension will automatically unblock your visitor IP Address or user account. The extension will not only protect your front-end (visitor area), it will also protect your back-end (admin area). This will improve your web site security since it will prevent brute-force login attempt on you web site. The extension will create a log that contain some information such as date, time, visitor IP Address, login attempt on front-end or back-end, and etc, so that you take further action based on the log file. Changes: Compatible with PHP 7. Main Features: Automatically block an IP Address or user name after a specific number of failure login within a period of time. Automatically unblock an IP Address or user name after a specific period of time. If a failure login attempt is after a specific period of time, it will consider that failure login as first attempt and will block the IP Address or username after a specific number of failure login within a new period of time. Set the number of failure login attempt before block an IP Address or username. Set the time limit, and when certain number of failure login reached within this period of time, the IP Address or username will be block. Set specific period of block time for front-end failure login. This apply for IP Address or user name that has been blocked by the front-end login module. Set specific period of block time for back-end failure login. This apply for IP Address or user name that has been blocked by the back-end login module. Prevent the blocked IP Address or username from browsing the website(front-end or back-end) until the system unblocked the IP address. Create a log file with useful information every time when a failure login detected or when a blocked IP Address or username try to browse your website. Choose whether to block IP Address or user name. Failed Login Manager to manages to blocked IP Address or user name. Unblock an IP Address or user name before the blocked time end. Successfully checked as XHTML 1.0 Transitional and validates as CSS Level 3 using W3C Markup Validation Service and W3C CSS Validation Service. Support Integrated Product Update System for checking and download latest version of the product. Display the blocked user name error message within or outside the web site. Set the block time for front-end login and back-end login in minutes, hours, days, and months.
c p
CMS Security

CMS Security

Free | Site Security | cms-security
3
Score:
73
1 review
CMS-Scurity Component is a stunning Security & Firewall extensions which does not only looks good but also provide security options for your website! Every modern website needs a Firewall which will protect the sensitive data and users with advanced firewall mechanisms. Advanced and stunning looking dashboard with informative security and firewall options. Simple check lists will help you find security and firewall issues on your website and quickly sort them out with a single click! Our extension provide you informative website security firewall informations including: - Informative Dashboard - Social media information - Security and firewall checks - Administrator tasks - Website checks options - File and Folder permissions - Black and White IP's with search options. - Emergency shutdown ..and much more.
c p
PWD-GEN J! - Password Generator J!

PWD-GEN J! - Password Generator J!

Free | Site Security | Viktor Vogel
3
Score:
73
1 review
Password Generator J! is a small, fast generator for passwords (with Easy and Safe Mode). Features Length of passwords (max. 20) Capital letters Lower-case letters Numbers Special characters Multiple passwords per generation process (max. 30) Easy mode - noticeable passwords Safe Mode - secure passwords Languages - English / German Download Joomla! 3.x - http://joomla-extensions.kubik-rubik.de/downloads/pwd-gen-j-password-generator/joomla-3 Support The extension is completely free, but you need a subscription for support: http://joomla-extensions.kubik-rubik.de/subscription
m
qlcaptcha

qlcaptcha

Free | Site Security | Mareike Riegel
3
Score:
73
1 review
This captcha plugin generates a customizable captcha. Font size, font colour, number of chards are customizable. It is a standalone plugin, so no further code/Id is needed.
p
TZ Guard

TZ Guard

Free | Site Security | TemPlaza
3
Score:
73
1 review
This is a simple plugin which will help you to security your site. The administrator will be protected by a security code. Furthermore you can define a blacklist IP to refuse connection from spam ip and block the BOT system to access your site.
p
Aimy Captcha-Less Form Guard

Aimy Captcha-Less Form Guard

Free | Site Security | Aimy Extensions
3
Score:
73
1 review
Keep your forms spam free with user friendly Captcha alternatives. The system plugin uses well known anti-spam tests that do not require user action. This way you can protect your website from spam bots with methods that are better for website usability and accessability than Captchas. Aimy Captcha-Less Form Guard is easy to use and configure: Enable the plugin, configure your preferred methods and select Aimy Captcha-Less Form Guard in Joomla's global configuration dialog as default Captcha.
p
JProiCaptcha

JProiCaptcha

Paid download | Site Security | JPro Extensions
3
Score:
70
5 reviews
JProiCaptcha is a user friendly secure Captcha plugin for Joomla! 3. It's Joomla! R3ADY! JProiCaptcha, allows you to protect your Joomla! 3+ forms from spammers and bots. When enabled, it renders automatically on all Joomla! system forms - user registration, password reminder, password reset, and contact forms. With just a few lines of code, it can be set to work on any form and avoid spamming and bots to submit your website forms undesirably. JProiCaptcha is a unique and proprietary JPro Extensions system plugin, initially developed to work with the JProEasyContact module, and now available to be used site wide and the new 3.0.5 version allows non bootstrapped templates to also use JProiCaptcha on Joomla! 3. JProiCaptcha is packed with several options that can be set on your Joomla! 3 back-end and with extra security layers for validation, to allow safe contacts to be sent. Now also compatible with Joomla! 3 templates that don't load the bootstrap framework and customizable buttons and with almost all configurations possible.
p
OSE Secure™

OSE Secure™

Free | Site Security | Open Source Excellence
3
Score:
66
4 reviews
OSE Secure™ plugin a plugin that performs basic anti-hacking functions for your Joomla! CMS. It supports * 1. Basic SQL Injection Scanning * 2. Basic PHP Injection Scanning * 3. Basic Remote File Inclusion (RFI) Scannning * 4. Basic Local File Inclusion (LFI) Scannning * 5. Basic Malicious User Agent Scannning * 6. Basic DoS Scannning * 7. Basic Javascript Injection Scanning * 8. Requires a Secure Key to access Joomla Backend * 9. Advanced Feature: Activate OSE Anti-Hacker if you have OSE Anti-Hacker installed System Requirement: * PHP 5.0 or above * Joomla! 1.5 or Joomla! 1.6
p
Failed Login Attempts

Failed Login Attempts

Free | Site Security | Web357
3
Score:
62
1 review
This Joomla! Plugin records the failed and successful login attempts into the backend and frontend of your Joomla! website. It is useful for security purposes and serves as an information pool to track malicious user access (IP, country, browser, OS, etc.). USEFUL PARAMETERS Enable logs for backend (Store the logs for failed login attempts in Joomla's back-end). Enable logs for frontend (Store the logs for failed login attempts in Joomla's front-end). Successful Login Attempts (Store the logs for successful login attempts in Joomla front-end). Direct notification via email (Inform Admins for the failed and successfully login attempts). Save Logs to Database (Store the failed and successfully login attempts into the Database). Log Data: IP Address Log Data: Username Log Data: Password Log Data: Date Time Log Data: Country Log Data: Browser Log Data: Operating System CHANGELOG https://www.web357.eu/products/joomla-plugins/failed-login-attempts#changelog SUPPORT Normally we will answer your questions within 24 hours. If you still have questions or concerns about the product after reading the documentation: ★ You can use our Support Forum https://www.web357.eu/forum to ask your issues and report bugs. ★ Contact us using the contact form https://www.web357.eu/contact. ★ You can send us an email to this address: support [@] web357 [.] eu ★ Chat with us using the right-bottom box. If you did not find the information you were looking for in the documentation or if you have any other questions regarding the product feel free to contact us. We will be happy to provide you with a detailed answer as quickly as we can. 30 DAYS MONEY BACK GUARANTEE It’s all about trust. With Web357, you cannot lose. Either you will love it and enjoy using it, or you will get your money back. Simple as that. ★ Still got questions? Ask anything at contact@web357.eu. ★ More information at https://www.web357.eu/products/joomla-plugins/failed-login-attempts
p
jHackGuard

jHackGuard

Free | Site Security | SiteGround Web Hosting
3
Score:
61
47 reviews
jHackGuard is designed by SiteGround to protect Joomla websites from hacking attacks. Just add it to your Joomla and it will be safe against SQL Injections, Remote URL/File Inclusions, Remote Code Executions and XSS Based Attacks! This plugin has been successfully used by SiteGround customers during the past few years. Now we make its latest version public, so that you can easily protect your Joomla site. All you need to do is to install jHackGuard and enable it – no additional configuration needed!
c p
HashCash

HashCash

Free | Site Security | Michael Richey
3
Score:
33
1 review
Finally, a captcha you can't read...wait...that's not what I meant... This is the captcha you don't even need to see. Everyone knows the annoyance caused by captchas that are unreadable. HashCash is a different kind of validation. Unlike other captcha solutions, HashCash doesn't rely on 3rd party services or resources - and it doesn't require anything from your users other than a JavaScript enabled browser. No mangled words to decipher, no math problems to solve, no photos to match - nothing but arrival on a form page. Originally proposed by Adam Beck in 1997, HashCash requires a form to include the solution to a complex calculation. The calculation is so complex (it takes hundreds or even thousands of attempts to solve it) that any human or bot attempting to abuse your forms will spend so much processor time solving the calculation that it wouldn't be profitable to continue attacking your forms! The server receives the result and can easily and quickly test it in 1 calculation - either it's right and your user continues or it's wrong and the form submission fails. The best part is, HashCash is invisible (you can't read it - or even see it) and it happens in the background without user interaction! Your users arrive at the form and the HashCash calculation is automatically executed. Any bot attempting to submit your form without completing the calculation is rejected, and the calculation changes every time the form is submitted. Configuration is simple. Open the plugin and choose the difficulty level. The predefined minimum (1) and maximum (4) levels prevent calculations that are too simple or too difficult to complete in an acceptable amount of time.
p
User - StaticPassword

User - StaticPassword

Free | Site Security | Michael Richey
3
Score:
33
1 review
Prevent one or more user groups from changing their passwords! Enforce static passwords for selected groups. A similar extension exists for J1.5, but since it hadn't been updated - I created a 2.5 compatible version. Usage is simple - enable the plugin after selecting which user groups will be prevented from password changes. When saved, the users in those groups will not be presented with the password fields when editing their account details. Additionally, it prevents submission of passwords (just in case someone decides to submit the password field values anyway by hacking the form). 4/26/2012 - Joomla 1.6/1.7 availability and support withdrawn. All of my extensions are free and none of my extensions display advertisements or links to my sites or services. If you feel that I have blessed you, then you can bless me by making a contribution to fund future development. Visit the "Website" link to make a contribution.
p
CedSecurityImages

CedSecurityImages

Free | Site Security | Galaxiis
3
Score:
0
69 reviews
Ever been to a site where you had to register and the registration form required that you type in the same phrase that is found in a hard-to-read image? Joomla! has now this possibility thanks to my extension CedSecurityimages. It will protect You against most spammers attempt! Features Support best online captcha services: Recapctha, KeyCaptcha and NuCaptcha Protect all JForm Field of all Joomla! extensions without ANY patches to Joomla! core or extensions Good and configurable captcha Why using CedSecurityImages? CedSecurityImages protect all Form in joomla without any hacks or Joomla core changes. CedSecurityImages produce CAPTCHA (an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart") is a type of challenge-response test used in computing to determine whether or not the user is human. CAPTCHAs are used to prevent bots from using various types of computing services or collecting certain types of sensitive information. Applications include preventing bots from taking part in online polls, registering for free email accounts (which may then be used to send spam) and collecting email addresses. You're part of our marketing team! At Galaxiis.com we receive feedback from our customers and consistently turn their comments and suggestions into new and improved features. Satisfaction Guarantee If you are not totally satisfied with our product or installation, we will promptly resolve any issues. In the event you are still not completely satisfied, we will refund your money.
c p