Introduction

Site Security

This plugin provides means to avert Brute-Force-Attacks on your Joomla-Installation. For this purpose, the plugin stores information on failed login attempts, so that when reaching a configurable number of such failed login attempts the attacker's IP address can be blocked. Furthermore, you can configure notifications about failed logins and blocked IP addresses, as well as a configurable (optionally even adaptive) delay for a failed login attempt.

  • Favourite
  • Report

The component included in the package will allow you to view the blocked IP addresses and manage them, manage whitelists of IP addresses which will never be blocked, viewing failed log attempts and testing the notification.

New in version 1.4.1:
- minor release fixing JED checker errors
New in version 1.4.0:
- Blocking via .htaccess
- New method for determining client IP to support load balancers / proxies
- IPv6 fixes (IPv6 subnet masks not yet supported)
- mysql compatibility
- php 7 compatibility
For a detailed list of changes in each version see the commit history at https://github.com/codeling/bfstop/commits/master.

Contributors:
- pt-PT/pt-BR translations and various fixes by solrac (comproperty247(at)gmail.com)
- ca-ES translations by nouespai
- fr-FR translations by Flying_Lolo
- nl-NL translations and various fixes by Rob van Baal (info(at)fischertechnikclub.nl/http://www.fischertechnikclub.nl)
- es-ES translations by Aimagen (info(at)aimagen.com)
- ru-RU translations by Raven (ravencrow(at)mail.ru)
- it-IT translations and various fixes by Stefano Buscaglia (info(at)binarioetico.org/http://www.binarioetico.org)
- old nl-NL translations by Agrusoft

100

Job done!


Posted on 13 May 2018
100
Functionality
Covers every significant function.
100
Ease of use
Very easy.
100
Support
Not needed.
100
Documentation
Not needed.
I used this to: Stopping brute force login attempts.
100
Functionality
Ce qu'il faut
100
Ease of use
Configuration très simple
100
Documentation
Très correcte
I used this to: Joomla est assez ciblé, et les tentatives de brut force sur admin existent.
100

Simple but super effective


Posted on 21 April 2017
100
Functionality
Easy to install
100
Ease of use
Perfect simplicity
100
Support
Not needed
100
Documentation
Not needed - The plugin makes it a breeze without the need to delve too deeply
I used this to: Preventing random login attempts
100
Functionality
Great functionality. Does exactly what it says
100
Ease of use
Three minutes to install and configure. Fabulous
100
Support
not needed
100
Documentation
not needed
I used this to: Increased security on my Joomla sites
100
Functionality
Great
100
Ease of use
Great
100
Support
n/a, we did not need support
100
Documentation
Excellent
I used this to: Our scanOpenLevel customer support web site
100
Functionality
very good
100
Ease of use
very easy
100
Support
good
100
Documentation
very good
I used this to: block brute force
100

Fantastic


Posted on 04 June 2016
100
Functionality
Works as advertised. User notification is superb.
100
Ease of use
Install to fully configured and tested was 6 minutes. Couldn't as for better.
100
Support
Not necessary
100
Documentation
I used this to: Controlling front end-brute force attacks.
100

newbie


Posted on 14 May 2016
100
Functionality
10/10
100
Ease of use
9/10
100
Support
10/10
100
Documentation
I just want to ask how to execute this. I have no idea. I'm not a web developer. Thanks!

configure and publish the "System - Brute Force St
I used this to: Blocking login attempt.
Owner's reply: Typically the default settings are sufficient, you just need to make sure the plugin is enabled. Do this via Extensions -> Plugins, there search e.g. for "Brute Force", then toggle the "status" column until a green check mark is shown.

For more questions, please use the issue tracker over at https://github.com/codeling/bfstop/issues.
100
Functionality
Does what it is made for
95
Ease of use
Would be helpfull to have the password logged as well
95
Documentation
Not always obviopus what it really does
I used this to: To understand how many people try attack the backend
Owner's reply: Thanks for your favorable review!

Regarding storing the password, please see here: https://github.com/codeling/bfstop/wiki/FAQ#why-dont-i-see-the-password-from-the-attempted-login

As for the documentation: Do you have any suggestion how things could be made better understandable? One tends to get a bit blind to such things when working a long time with it, so I'd love to hear suggestions! The ideal place for them would be the issue tracker on github: https://github.com/codeling/bfstop/issues
98

Brute Force works


Posted on 17 October 2015
100
Functionality
Works as described - thank you
100
Ease of use
For a non-developer this plugin was easy to download and install, configure and use. Already a number of IP's blocked.
96
Support
None needed so far :)
96
Documentation
Not needed but it is available
I used this to: Picking up unwanted visitors to my administrator login

Brute Force Stop

Version:
1.4.1
Developer:
Bernhard Froehler
Last updated:
Feb 01 2017
Date added:
Nov 19 2014
License:
GPLv2 or later
Type:
Free download
Includes:
c p
Compatibility:
3
Download

Uses Joomla! Update System

Score:


Write a review