- Site Security

Failed Login Attempts

Failed Login Attempts

Free | Site Security | Web357
3
Score:
62
1 review
This Joomla! Plugin records the failed and successful login attempts into the backend and frontend of your Joomla! website. It is useful for security purposes and serves as an information pool to track malicious user access (IP, country, browser, OS, etc.). USEFUL PARAMETERS Enable logs for backend (Store the logs for failed login attempts in Joomla's back-end). Enable logs for frontend (Store the logs for failed login attempts in Joomla's front-end). Successful Login Attempts (Store the logs for successful login attempts in Joomla front-end). Direct notification via email (Inform Admins for the failed and successfully login attempts). Save Logs to Database (Store the failed and successfully login attempts into the Database). Log Data: IP Address Log Data: Username Log Data: Password Log Data: Date Time Log Data: Country Log Data: Browser Log Data: Operating System CHANGELOG https://www.web357.eu/products/joomla-plugins/failed-login-attempts#changelog SUPPORT Normally we will answer your questions within 24 hours. If you still have questions or concerns about the product after reading the documentation: ★ You can use our Support Forum https://www.web357.eu/forum to ask your issues and report bugs. ★ Contact us using the contact form https://www.web357.eu/contact. ★ You can send us an email to this address: support [@] web357 [.] eu ★ Chat with us using the right-bottom box. If you did not find the information you were looking for in the documentation or if you have any other questions regarding the product feel free to contact us. We will be happy to provide you with a detailed answer as quickly as we can. 30 DAYS MONEY BACK GUARANTEE It’s all about trust. With Web357, you cannot lose. Either you will love it and enjoy using it, or you will get your money back. Simple as that. ★ Still got questions? Ask anything at contact@web357.eu. ★ More information at https://www.web357.eu/products/joomla-plugins/failed-login-attempts
p
jHackGuard

jHackGuard

Free | Site Security | SiteGround Web Hosting
3
Score:
59
47 reviews
jHackGuard is designed by SiteGround to protect Joomla websites from hacking attacks. Just add it to your Joomla and it will be safe against SQL Injections, Remote URL/File Inclusions, Remote Code Executions and XSS Based Attacks! This plugin has been successfully used by SiteGround customers during the past few years. Now we make its latest version public, so that you can easily protect your Joomla site. All you need to do is to install jHackGuard and enable it – no additional configuration needed!
c p
HashCash

HashCash

Free | Site Security | Michael Richey
3
Score:
33
1 review
Finally, a captcha you can't read...wait...that's not what I meant... This is the captcha you don't even need to see. Everyone knows the annoyance caused by captchas that are unreadable. HashCash is a different kind of validation. Unlike other captcha solutions, HashCash doesn't rely on 3rd party services or resources - and it doesn't require anything from your users other than a JavaScript enabled browser. No mangled words to decipher, no math problems to solve, no photos to match - nothing but arrival on a form page. Originally proposed by Adam Beck in 1997, HashCash requires a form to include the solution to a complex calculation. The calculation is so complex (it takes hundreds or even thousands of attempts to solve it) that any human or bot attempting to abuse your forms will spend so much processor time solving the calculation that it wouldn't be profitable to continue attacking your forms! The server receives the result and can easily and quickly test it in 1 calculation - either it's right and your user continues or it's wrong and the form submission fails. The best part is, HashCash is invisible (you can't read it - or even see it) and it happens in the background without user interaction! Your users arrive at the form and the HashCash calculation is automatically executed. Any bot attempting to submit your form without completing the calculation is rejected, and the calculation changes every time the form is submitted. Configuration is simple. Open the plugin and choose the difficulty level. The predefined minimum (1) and maximum (4) levels prevent calculations that are too simple or too difficult to complete in an acceptable amount of time.
p
User - StaticPassword

User - StaticPassword

Free | Site Security | Michael Richey
3
Score:
33
1 review
Prevent one or more user groups from changing their passwords! Enforce static passwords for selected groups. A similar extension exists for J1.5, but since it hadn't been updated - I created a 2.5 compatible version. Usage is simple - enable the plugin after selecting which user groups will be prevented from password changes. When saved, the users in those groups will not be presented with the password fields when editing their account details. Additionally, it prevents submission of passwords (just in case someone decides to submit the password field values anyway by hacking the form). 4/26/2012 - Joomla 1.6/1.7 availability and support withdrawn. All of my extensions are free and none of my extensions display advertisements or links to my sites or services. If you feel that I have blessed you, then you can bless me by making a contribution to fund future development. Visit the "Website" link to make a contribution.
p
CedSecurityImages

CedSecurityImages

Free | Site Security | Galaxiis
3
Score:
0
69 reviews
Ever been to a site where you had to register and the registration form required that you type in the same phrase that is found in a hard-to-read image? Joomla! has now this possibility thanks to my extension CedSecurityimages. It will protect You against most spammers attempt! Features Support best online captcha services: Recapctha, KeyCaptcha and NuCaptcha Protect all JForm Field of all Joomla! extensions without ANY patches to Joomla! core or extensions Good and configurable captcha Why using CedSecurityImages? CedSecurityImages protect all Form in joomla without any hacks or Joomla core changes. CedSecurityImages produce CAPTCHA (an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart") is a type of challenge-response test used in computing to determine whether or not the user is human. CAPTCHAs are used to prevent bots from using various types of computing services or collecting certain types of sensitive information. Applications include preventing bots from taking part in online polls, registering for free email accounts (which may then be used to send spam) and collecting email addresses. You're part of our marketing team! At Galaxiis.com we receive feedback from our customers and consistently turn their comments and suggestions into new and improved features. Satisfaction Guarantee If you are not totally satisfied with our product or installation, we will promptly resolve any issues. In the event you are still not completely satisfied, we will refund your money.
c p
JB Hide

JB Hide

Paid download | Site Security | frog
3
Score:
0
2 reviews
Hide the Fact Your Website is Powered by Joomla with JB Hide Component and plugin Joomla websites are susceptible to a wide range of attacks including SQL injections, brute-force attacks, and unauthorized logins. There are many joomla security plugins can improve the security of your website by addressing common security issues such as changing the administrator account from admin. Current joomla security plugins don’t protect or hide joomla files. I have developed JB Hide Component and plugin because most hackers and bots know where to find important Joomla files and pages. A bot that is designed to target Joomla websites will therefore attack any website with Joomla files, and pass by those that do not. Just as hacking software takes advantage of the fact that all Joomla websites are structured in the same way, JB Hide takes advantage of the fact that software can only target your website if it knows your website structure. It does this by removing all evidence that your website is powered by Joomla. This makes it very difficult for hackers to infiltrate your website. Boost your security JB Hide control access to PHP files. It protects your site from almost 90% of SQL-Injection and eXSS attacks caused by direct access to PHP files. This means you can install unsafe plugins without worry abhout security. That makes impossible for hackers to find the path to php files and they can not identify the whether the joomla is used for website. How does it work The magic starts now… But before it please note everything is in its default location and we just control access to it. This guarantees maximum compatibility for our plugin. Redirect to 404 page from users page index?options=com_users Hide administrator link · Try this: http://flance.info/hideme/index.php?options=com_users · Not found!? OK. Redirected to custom 404 page · Try http://flance.info/hideme/administrator · NOT found try this http://flance.info/hideme/administrator/?test=1234 You get administrator page In html output of the site you get Change Joomla template directory, remove template Info from stylesheet, hash template folder name Instead of template/template_name/template.css you get bare/jt315/css/template.css Instead of template/template_name/template.js you get bare/jt315/css/template.js Change components/ modules / plugins/ media directory folder and hash folders’s name for AJAX url and CSS files , etc · Instead of media/jui /js/jquery.min.js flance.info/hideme/me/fhetq/js/jquery.min.js · Instead of intead of module/js/javascriptfilename.js you get /fakemodulename/ hashed – example :sw2ww /js/ javascriptfilename.js · Instead of intead of component/js/javascriptfilename.js you get /fakecomponentname/ hashed – example :sw2ww /javascriptfilename.js · Instead of intead of plugins/js/javascriptfilename.js you get /fakepluginsname/hashed – example :sw2ww/javascriptfilename.js Getting fake fol
c p
Spamhaus SBL/XBL Blacklist Site Protection

Spamhaus SBL/XBL Blacklist Site Protection

Free | Site Security | Lonnie Waugh
3
Score:
0
1 review
This is a simple plugin for Joomla 2.5.x and 3.x that will query the Spamhaus SBL/XBL database to see if your visitor's IP is listed. If they are, it will block them with a message letting them know why they are not allowed in the site and provide them a link to see WHY they were listed. That link also allows the opportunity to de-list themselves as well as provide instructions on how to clean up their system/network. People listed in this database are typically either willfully spamming or have been infected with some sort of botnet. It rarely has false positives! This is NOT meant to provide junk mail/form spamming behavior blocking, this will prevent someone who is listed from even ENTERING the site to begin with. Since I've implemented this on several of my own client's site we've noticed a massive reduction of brute force login attempts, fake registrations and people trying to run exploits to hack Joomla and that is because this is a System level plugin that executes before components, modules and before the page renders. This means they won't even be able to scan your site for things to exploit! CRITICAL: If you find yourself accidentally blocked from your own site, create a file called spamhausletmein.txt in your main Joomla installation folder and then immediately go to the plugin settings and add yourself to the whitelist parameter and then delete the spamhausletmein.txt file upon completion! It is also recommended for maximum effectiveness that you order this plugin as #1 in the plugin manager. Documentation is included in the plugin description once installed, you can read it for a full description of all settings and what they do before activating! Features List: Operates quickly using simple DNS queries Logs entries to spamhaus_log.text in your main Joomla installation folder ( logs blocks and whitelist exemptions ) Provides a failsafe method incase you're locked out of your own site Whitelist by IP functionality.. you can add multiple ip's separated by commas Options to log blocked connections, whitelisted connections and failsafe connections Option to enable protection can for the front-end and/or back-end administration Supports Joomla's 1-click update system It's FREE Please note: I am in NO way associated with the Spamhaus project, I just decided to write this because on one of the servers I manage, I'm running mod_spamhaus and found it to be extremely effective. I decided to put this together on servers where I can't enable that Apache module.
p
jomDefender

jomDefender

Paid download | Site Security | 'corePHP'
3
Score:
0
1 review
Most hacker attacks are preventable. Instantly protect your website from most attacks with jomDefender, a must-have first line of defense for every Joomla-powered website. Each day, Joomla websites all over the world come under attack from ruthless hackers who deface front pages, delete critical data, upload malicious viruses, and steal sensitive customer information. Sadly, most hacker attacks cost owners dozens of hours and often thousands of dollars to repair. jomDefender is a must-have plugin to help you avoid costly downtime and embarrassing hacker attacks. Casual hackers don’t want to work too hard to gain entry to a site or server. They simply scan websites, looking for known identifiers that tell them whether a site is running a software they're particularly skilled at breaking and entering. Unfortunately, Joomla is often targeted by hackers, due to its popularity, and also due to many site owners who do not properly protect themselves from intrusion. Running a site without jomDefender is like leaving your car running, with the doors wide open, in a crowded parking lot, in the bad part of town. Every single day. You're inviting trouble, and sooner or later, that trouble will find you, and take you for a ride you'll never forget. Once hackers can identify the software, they will run pre-fabbed hacker scripts to help them gain control of your site, and the rest is history. All your content, data and customer information could then be wide open for the hacker to take, and often sell to others too. jomDefender keeps your Joomla applications hidden and protected, to prevent attacks from casual hackers, by scrubbing known Joomla identifiers from your site. Additionally, jomDefender also protects your site with security features such as an extra admin login screen (makes hackers guess two unique admin passwords instead of one), front end & backend IP ban/blocking, and much more. We've even added a bonus feature in jomDefender that lets you find the best configuration for your website to optimize its page-load time. Featureas and Benefits of jomDefender: Remove template positions code, ‘?tp=1’ Remove generator tag Remove word Joomla! Remove HTML white space Remove Joomla! PHP header Add a new Admin password prompt Allow/Deny IP addresses to the back-end/front-end of your site Disable plugin functionality Caching mechanism Page execution time display File integrity checks Login/Logout CSRF prevention Get jomDefender today, and put an end to most hacker attacks on your Joomla website. Developed by 'corePHP' | 245 Michigan Avenue West | Battle Creek, Michigan | USA
p
CopySafe Web

CopySafe Web

Paid download | Site Security | ArtistScope
3
Score:
0
0 reviews
Joomla Extension for CopySafe Web Protection Insert CopySafe Web images into Joomla using "shortcode". This extension enables the insertion of CopySafe Web encrypted images into Joomla posts and pages with "shortcode". The resulting embedded image object is supported in popular web browsers across all Windows computers from XP to the latest versions, which comprise of 92% of net users. Copy protect images and all other web page content Safe from Print Screen and all screen capture software Encrypted images cannot be retrieved from browser cache Domain locked images cannot be used elsewhere Encrypted images stored on the server are safe from your web host Encrypted images cannot be saved or scraped CopySafe Web can be easily added to any pages or posts created by Joomla. By adding a CopySafe Web encrypted image to a web page using this Joomla extension, the object code and scripts to activate copy protection are very much simplified. When editing a page or post, click on the [C] icon above the HTML editor toolbar to insert the "shortcode", where the cursor was last placed in the text area. After uploading or selecting an existing image (from a previous upload), you can then nominate the security settings to use for the page or post. Different pages can use different security settings, for example, to allow the submission of web forms you may need to enable use of the keyboard.
m p
CopySafe PDF

CopySafe PDF

Paid download | Site Security | ArtistScope
3
Score:
0
0 reviews
Joomla Extension for CopySafe PDF Protection Insert CopySafe PDF into Joomla using "shortcode". This extension enables the insertion of encrypted PDF documents created by CopySafe PDF into Joomla posts and pages with shortcode. The resulting embedded document object is supported in popular web browsers across all Windows computers starting from XP (92% of net users) up to the current version. Copy protect eBooks and PDF documents displayed online Safe from Print Screen and all screen capture software Encrypted documents cannot be retrieved from browser cache Domain-locked documents cannot be displayed elsewhere Encrypted documents stored on the server are safe from webmasters Encrypted documents cannot be saved or scraped CopySafe PDF documents can be easily added to any pages or posts created by Joomla. When editing a page or post, you may insert the short code by clicking on the [PDF] icon above the HTML editor toolbar where the cursor was last placed in the text area. After uploading or selecting an existing PDF class file (from a previous upload), you can then nominate the security settings to use for the page or post. Different pages can use different security and display settings:
m p
AVG Site Safety Badge

AVG Site Safety Badge

Free | Site Security | Denes Szekely (webGobe)
3
Score:
0
0 reviews
This module displays the AVG Threat Labs Safety Badge widget for your site in two variants, small or medium. You can choose from module parameters your preferred option. Small size (24 x 100) Perfect for checkout pages and besides purchase buttons Medium size (60 x 150) For footers and sidebars The badge helps your users find out about the AVG Threat Labs safety rating of your site, helping you increase the trust in your site among your visitors. The widget links through to the safety report of your website. Recommended for all Site Owners!
m
Authentication Logger

Authentication Logger

Free | Site Security | Marco Beierer
3
Score:
0
0 reviews
An authentication logger for Joomla 2.5 and 3. Logged Events - User login - User login failure - User logout - User logout failure - Password change (not yet implemented) - Forget password (not yet implemented) - Forgot username (not yet implemented) Which data is logged? - Time - Severity - Action - Username - Details - User IP Features - Log rotation: The plugin creates a new logfile every day.
p
TextCaptcha for Joomla

TextCaptcha for Joomla

Free | Site Security | Peter Bui
3
Score:
0
0 reviews
Do you hate reCaptcha and want to use an alternative that is a little bit more accesible that that really hard to use one by Google. Textcaptcha is a perfect alternative to reCaptcha. It asks logical questions such as, "Out these three words, which is a color: Red, ball, bat." With the answer being RED. You may also get mathematical questions such as, "What is one plus 11". Great to try and best of all it is free.
p
StopTheHacker Trust Seal

StopTheHacker Trust Seal

Free | Site Security | Denes Szekely (webGobe)
3
Score:
0
0 reviews
Why use a trust seal? Show your visitors that you care about security Show your hackers that you aren't a sitting duck waiting them to hack your site anymore Trust seals have been shown to increase conversions by more than 10% You will receive affiliate rewards when visitors sign up and pay StopTheHacker for service after clicking certain links in your detailed trust seal security information Stop The Hacker! In order to use the module, you first need to set up your StopTheHacker account (link provided in the module interface). After you set up your account you can add your domains to it. Each domain will have it's own tab in your profile. You will need to check these tabs, take a look to the URL, which will look like: https://panel.stopthehacker.com/overviews/order-summary/order/130389. The number at the end of the URL, like '130389' in the above example is the SiteID of your domain, that's one of the parameters you should enter in the module configuration. The other parameter you should enter is your domain name.
m
text2image

text2image

Free | Site Security | Schefa
3
Score:
0
0 reviews
This Plugin converts any text into a transparent image file (png or base64), so that you can protect sensitive Information against bots. Use the following syntax in your article For a more specific output you can add and modify these parameters. Make sure that you upload the ttf-fontfile in the plugins-folder, if you want to use another font.
p
pFirewall

pFirewall

Free | Site Security | Ionut Lupu
3
Score:
0
0 reviews
pFirewall is a simple plugin for filtering your website traffic and block possible malicious activity. By allowing you to create your own rules, pFirewall can be used if you want to prevent any automated activity like brute force login or mysql injection. The construction of the rules is inspired by NAXSI rules.
p
Aimy Captcha-Less Form Guard PRO

Aimy Captcha-Less Form Guard PRO

Paid download | Site Security | Aimy Extensions
3
Score:
0
0 reviews
Keep your forms spam free with user friendly Captcha alternatives. The system plugin uses well known anti-spam tests that do not require user action: minimum fillout time bot trap This way you can protect your website from spam bots with methods that are better for website usability and accessability than Captchas. Aimy Captcha-Less Form Guard is easy to use and configure: Enable the plugin, configure your preferred methods and select Aimy Captcha-Less Form Guard in Joomla's global configuration dialog as default Captcha. The PRO version additionally supports: DNS Blackhole Lists extended logging via PHP visual hints for users for minimum fillout time
p
GW Spam Protect

GW Spam Protect

Free | Site Security | GreenWood Studio
3
Score:
0
0 reviews
GW Spam Protect - free plugin that will protect your websites on Joomla and VirtuaMart from automatic registrations. Standard built-in Joomla ReCaptcha from Google, which does not meet modern standards of usability. Anyone will tell you that he does not like entering captcha code, not to mention the fact that for a long time, there are many services that are able to recognize and enter it automatically. But to win the automatic registration is easier than you think. How it works: * The plugin automatically adds a checkbox (checkmark) in the registration forms Joomla and VirtueMart. * Checkbox starts loading only after full page load with a delay of a few seconds , so that robots do not see the checkbox and not be able to put a check mark in it. Features: * Compatible with Joomla 2.5 and Joomla 3; * Conversion growth compared with other types of anti-spam; * Convenience for users; * Translated into three languages: Russian, Ukrainian, English; * Plugin connection requires jQuery, if your site is no jQuery, the plugin will automatically load the it; * Easy to use - just install and publish the plugin; * FREE.
p