logo

Introduction

Site Security

This plugin adds a simple but, in most cases, fondamental protection against SQL injection and LFI (local files inclusion) attacks. It checks data sent to Joomla and intercepts a lot of common exploits, saving your site from hackers.

  • Get this
  • Favourite
  • Report

  • Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
  • Notifies you by e-mail when a alert is generated.
  • Protect also from unKnown 3rd Party extensions vulnerability.
  • White list for safe components (at your risk ;) )
  • automatic ip blocking on attack

Enable mail report and prepare yourself to be scared!

Anyway remember that security it is a 'forma mentis', not a plugin!

HISTORY

Version 1.4 Apr 28th, 2014:
* minor code fixes (not security related)
* default table type set by DB engine
* table creation by sql install file

Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)

Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks

Version 1.0 (Jan 7st, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization

Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backtics matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail

Version .98 (May 29th, 2010)
first release.

Please, keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! this should be intended as an help, this is not "THE SOLUTION".


Simple and Easy


Posted on 11 June 2016
Functionality

Not too sure yet and hoping I don't have to find out. Will update of course.

Ease of use

Simple! Very easy to install, head go to plugins, configure basic settings (probably just email address and IP block) and enable. Done.

Documentation

Simple enough to use without but more than enough information around if you run into problems (you probably won't though)

I used this to: A number of private and commercial websites.

Functionality

Was working as expected but I start getting a database error in all FaceBook share extensions.
Invalid syntax w/MariaDB server in mi_iptable

Ease of use

Very easy to setup

Support

I email support and I did not get any answer, I also try to post a comment in product page and the website goes down.

Documentation

Good

I used this to: Extra security layer
Owner's reply: ops! sorry for missing support :(
try to post a comment, I'll replay as soon as possible.
please note: don't try to submit revealed attack code or the post will be blocked by the plugin!

Great Plugin


Posted on 11 May 2016
Functionality

Easy to setup and just works.

Ease of use

Works straight away.

I used this to: Hacking is getting worse so this plugin is a must have to protect yourself against malicious attacks. After being hacked it took quite some time to root out all the injected code. Now I have peace of mind seeing that their attempts are being blocked.

Functionality

Just install the plugin and periodically you'll receive a notification of hacking attemp with hacking code highlighted.

Ease of use

Install and activate. You may found usefull to receive email notifications like I do.

Support
Documentation

Excellente plugin !


Posted on 10 January 2016
Functionality

I love the option to be advise by email from attack.
I verify the correspondance between alert and the access.log and it is true

Ease of use

We have only to activate the plugin and review the setting.
We can receive notification by email (it's work well!)

Support

No need for support because it is easy to use

Documentation

Perhaps more international documentation could be appreciate (In English)

I used this to: I had a BIG problem with JS Injected attack on all my web site since December 2015.
I did a lot a improvement without be able to stop it.
I find a manual way to rescue my web sites, but I wasn't able to avoid it, I was searching for monitoring tools when I find it.

Very useful extension


Posted on 01 August 2015
Functionality

This is really great extension. It not only informs you if there is hacking attempt, but it can prevent most of them.

Ease of use

Just enable plugin and turn on email notification (if you need to be in touch)

Support

Extension very great, so i never necessary to contact support.

Documentation

All main features and preferences described very well on developer site.

I used this to: to be in touch if anyone trying hack my site.

The best so far


Posted on 06 June 2015
Functionality

it's simple but it gets the job done.

Ease of use

very easy to config, block all hack attempt.

I used this to: install to all my website. it's simple but it gets the job done. worry free. been using since joomla 1.5 never get hacked. got a lot of attempts but never success . tq marco..

Functionality

Just install, make quick setup and you are protected.

Ease of use

Very easy to use.

Support

No support is needed.

Documentation

Functionality

Works perfect

Ease of use

Just upload and done!

Support
Documentation

Functionality
Ease of use

Just install, enable and (optionally) configure things like IP blocking, email notification.

Documentation
I used this to: I install this on all my Joomla sites now. It's great to get emails seeing that hack attacks have been stopped. Simple to install and configure - just what you want. It's a shame it's not a standard feature of Joomla.
Marco's Google(TM) bot access

Marco's Google(TM) bot access

Free | Site Access | marco maria leoni
3
Score:
96
2 reviews
This plugin allows to spiders and robots, like Google(TM), MSNBot(TM) or Yahoo(TM), to access the pages of the site reserved to the 'Registered' users. Sometimes you have to protect interesting contents to get users' registration for commercial purposes or simply to create a community. But if content are not accessible, how can users know about their existance? With this plugin the search engine can index these pages and bring to your site more visitors. You can define an user for every search engine, and using the joomla 2.5/3.x ACL, you can define which pages are readable by each robots and by registered users and the pages which only registered users can read; or you can simply let spiders read all the pages. Search engine robots are recognized and are automatically logged in, as a specific Joomla! user, so they are allowed to read the content reserved to that user or group. This way contents are indexed, but no cache copy is made due the 'noarchive' meta tag, so an user can find the pages on the search engine, but he has to register to see the content of the page, because a normal visitor will not be logged in and he is redirect to the login/registration page! PLEASE NOTE: IMPORTANT! Without ip check, an advanced user can easily impersonate the bot of a search engine, so don't use this plugin to protect very confidential informations. Of course confidential info should not be exposed on search engines, anyway! Ip check feature will be released in a future version.
p
Marco's parallax background scroller

Marco's parallax background scroller

Free | Page Background | marco maria leoni
3
Score:
95
5 reviews
A plugin for parallax background scrolling in Joomla! This is a nice background scrolling effect with a simulation of a pseudo parallax effect. You can insert one or more image in your articles and define an horizontal stripe (view port) to see the images as they was really a landscape through a window. See this plugin in action! Features . Easy to use and configure . CSS3 and responsive . plugin works on J2.5 and J3.x sites; Kwown bugs Does not works on all IOS devices, sorry. This is not a bug, really, it's the not compliant support for CSS3 in IOS.
p
Marco's buy me a beer

Marco's buy me a beer

Free | Donations | marco maria leoni
3
Score:
94
6 reviews
This implementation of Buy me a beer in Joomla!, is a smart & funny way to get a donation without the need to specify ethical reasons: "Do you think my job was useful? Ok, buy me a beer, I just wanna have a drink, not save the world!" Features works on multilingual site; every text in the donation form can translated using Joomla's language override feature; automatic PayPal's interface language selection; multiple donations per page with multiple configuration; images available for beer wine (red, white), coffee, cappuccino, pizza and hamburger; plugin template supports override (J3+ only); plugin also works as a module by incapsulating it in to a 'Custom HTML'; Buy me a beer works on multilingual site and you can choose every text in the donation form, and translate it with language override facility. You can use multiple donation forms per page, and and also use the plugin also as a module by incapsulate it in to a 'Custom HTML' module. Plugin comes with a series of images: beer, wine, but there are not only drinks, pizza, hamburger, and so on. v 1.1 - added PayPal buttons language override
p
Marco's noFollow

Marco's noFollow

Free | SEO & Metadata | marco maria leoni
3
Score:
93
14 reviews
This plugin allows you to add "rel" and "target" attributes to all outgoing links in articles on your Joomla!, so you can avoid to disperse the Page Rank on the web by setting the attribute rel = "nofollow" on all outbound links, and you can keep visitors on your site by setting the target = "_blank" attribute. Configuration is very easy, simply select the action to be taken for the two attributes. You can enter the value if no value was specified, or force a value or remove it. You can also add the code {mnf=off} at any point of a single item to explicitly disable the bot for a single item. Apr 28th, 2014 * unified j2.5 & j3.x version * better error handling * php 5.4 strict code improvement Mar 23rd, 2013: * Joomla! 3.0 compatible! Jan 18th, 2011: * Joomla! 1.6 compatible! * include/exclude css classes list * minor code improvement May 4th, 2010: * Added rewriting for tag in clickable areas of image maps April 25th, 2010: * initial release
p
Marco's PrestaShop Authentication

Marco's PrestaShop Authentication

Free | Site Access | marco maria leoni
3
Score:
67
2 reviews
This plugin allows to customers of a PrestaShop™ e-commerce to access the Joomla! site without a new registration. This is a fast authentication bridge between the two systems. Prestashop to Joomla bridgeThis plugin allows to use an existent PrestaShop e-commerce to authenticate its users on a Joomla installation. Features plugin works on J2.5 and J3.x sites; no need of double registration; allows you to use PrestaShop for the e-commerce and Joomla! for the CMS; History v1.01 addedd support for PrestaShop 1.6 v1.00 first release for Prestashop 1.5
p

Marco's SQL Injection

Version:
1.4
Developer:
marco maria leoni
Date added:
Nov 18 2014
License:
GPLv2 or later
Type:
Free download
Uses updater:
Includes:
Compatibility:
Download DemoNot available SupportNot available Documentation
  • Overall
  • Functionality

  • Ease of use

  • Documentation

  • Support