ACL Manager is the award winning Joomla extension that will save you a lot of time managing and understanding the Joomla ACL system. Set the permissions easily via the clickable permission grid that provides a great single page overview of all ACL settings across your website. Discover & fix issues with your Joomla assets (permissions) table you may not even be aware of and even configure the backend access to 3rd party components without basic Joomla ACL support. Clickable permission grid The powerful clickable permission grid allows you to easily manage Joomla permissions of your website. The overview with clear icons helps you to understand the Joomla ACL system easily. Understand Joomla ACL Dozens of permission screens, nested User Groups, inherited permissions... It can be very confusing. Use ACL Manager and you will quickly understand the concept and power of Joomla ACL! Fix issues with your assets table The Joomla assets tables is often messed up by Joomla 1.5 to 2.5 migrations or 3rd party extensions. Easily detect and fix these asset issues in a few clicks via the diagnostic tool of ACL Manager. Basic ACL support for any component With ACL Manager you can set basic ACL permissions for any component. Even when the component does not support Joomla ACL by default. This allows you to set custom backend access to components for your users. Enhanced Joomla ACL A selection of powerful additional ACL features on top of the Joomla ACL system like: Permissions per Module, Show Editable Modules only, Show Editable Articles only and Permissions for the Category Manager. Manage User Group permissions Easily manage User Group permissions via the single page overview with all possible core & 3rd party permissions. The sidebar shows additional information about the group, like all assigned Users. User permission overview User in multiple User Groups with combined permissions of the assigned User Groups? No problem for the ACL Manager! See exactly which actions the selected User can & can't perform on the site. Huge Time Saver Managing the permissions settings for your entire website via a single screen, extended with practical information about the selected User or User Group will save you many hours. ACLManager is a real time saver! Reset Permissions Easy reset Joomla! permissions for User Groups. Revert the default Joomla! permissions or clear all current permissions. Available in 28 languages ACLManager is available in Afrikaans, Amharic, Arabic, Brazilian Portuguese, Bulgarian, Catalan, Chinese, Croatian, Danish, Dutch, English, Farsi, Finnish, French, German, Greek, Hungarian, Italian, Japanese, Norwegian, Polish, Portuguese, Russian, Slovenian, Spanish, Swedish, Thai & Ukrainian.

Your /administrator area is vulnerable - secure it with AdminExile. Access keys, IPv4/6 Black/White Lists (IP and CIDR netmasks supported), Brute Force detection. AdminExile has you covered. The AdminExile Plugin has long been a favored and highly rated extension in the JED. Read the reviews, check out the 9 pages of documentation, and then try it yourself. Key features: - Access key(s) - key only, or key + key value. Others provide one or the other. AdminExile provides BOTH. - Front-end Restriction - Restrict certain accounts from logging into the front-end with accounts intended only for back-end use. - Lost Key Recovery - Useful for individuals using extremely difficult keys, or teams who change the keys frequently. - Stealth Mode - Prevents tell-tale signs that something exists at /administrator, like the session cookie! There are far too many features to describe in this page. Visit the documentation link to get the bigger picture.

Securitycheck Pro is a global protection suite designed to protect your website without affecting your server's speed. This version includes: A modular interface to manage the entire extension quickly and easily. Web Firewall The web firewall protects against SQL Injection, Cross-site scripting, LFI and RFI, Headers modification, CSRF, clickjacking and brute force and dictionary attacks, and includes the following features: Ipv6 supported. Blacklist (ip range allowed). Whitelist (ip range allowed). Dynamic blacklist. Events recording, which can be viewed by admins from backend. Alert or strict mode. Redirection to a default page or drop connection if an attack is detected. Second level protection to find suspect words (with editable list of suspect words). Base64 check. Email notification. Filter exception, mode and priority selection for greater flexibility. User session protection. Session hickjacking protection. Export logs in csv format. File Manager You can check file/folder permissions and easily view misconfigured configurations. Any problem? Click 'Repair' button and permissions will be corrected. File Integrity Thousands of files in our Joomla website, how to know if one of them is modified? With File Integrity you will be alerted when a change occurs in any file. Malware scanner The most advanced malware scanner on the market. Look for suspicious patterns, known malware filenames and files with multiple extensions and check them against an online service with 40 anti-malware engines and millions of hashes on it databases. And all with two clicks! .Htaccess protection Lot of traffic from bots? Block malicious user-agents and increase overall security esily with this feature. Want to hide your backend url? Add a secret key to your admin page to prevent dictionary and brute force attacks. Track failed login attempts We can monitorize failed login attempts from backend and frontend and take actions against them. Email on backend login You receive an email every time someone access to the backend. Forbid new administrative accounts Even if they are created not using the Joomla backend. Geoblock Forbid troublesome countries' access to your site this feature, which allows us to block IP addresses based on its geolocation. Upload scanner We can check uploaded files looking for files with multiple extensions and forbid certain extensions. Remote Management Manage the extension remotelly from a centralized console. Rules Management Trusted users? Now you can choose to which groups apply Web Firewall rules. Cron Plugin Get files status without afecting QoS. Launch File Manager or File Integrity tasks when your server has less workload. ACL checking Administrators got an alert if an insecure ACL configuration is set for Guest or Public groups. This could save us of many headaches. Module Info Check your Joomla security status at a glance. Url Inspector The url inspector allows us to ban IPs that use forbidden words in urls. This way we have a powerful mechanism to control all queries to our website, even those that are redirected to a 404 page. Vulnerabilities checking Securitycheck Pro performs a check of the versions of all the components, plugins and modules of your Joomla installation, comparing them with its database to show if there are vulnerable extensions. Forget individually test of every extension to avoid vulnerabilities: Securitycheck Pro does it for you. Vulnerabilities database Securitycheck Pro incorporates a database where you can see all the vulnerabilities known to our version of Joomla. This database is constantly updated to include the latest vulnerabilies. Akeeba Live Update integration We have included this feature to easily manage and update new releases. Performance This feature has been designed to improve Joomla's performance. Now we can optimize and repair our mysql database.

This Captcha plugin works with any Joomla extension capable of using the Joomla core captcha plugin system. It uses the Securimage PHP CAPTCHA script for generating complex images and CAPTCHA codes (including math challenge) to protect forms from spam and abuse. It can be easily added into existing forms on your Joomla 2.5, 3.x or newer website to provide protection from Spam bots. It can run on almost all web-servers as long as you have PHP installed, and GD support within PHP. SecurImage does everything from generating the CAPTCHA images to validating the typed code. Audible codes can be streamed to the browser with Flash for the vision impaired. Features: Works with Joomla Registration and any other extensions that is compatible with Joomla captcha plugin system; Works with Contact Enhanced, iRecommend, Ajax Recommend and Ajax Contact; Customizable code length, character sets, and Unicode support; TTF font support. You can choose the font you want to use; Very easy to customize colors; Easily add background images; Easily add signature to images; Several security features such as image distortion, random lines, and noise; Flash button to stream audible codes in WAV format; Ability to use a word list; Add a word list in your language to /plugins/captcha/securimage/lib/words/ Display alphanumeric captchas, or simple math problems; Highly customizable! Screenshots Alphanumeric captchaSecurImage Math Challenge Online demo: Support Form Installation Install the plugin by accessing the administration menu of the back-end under Extensions. Then access Extensions → Plugin Manager, look for Captcha - SecurImage and customize it to your needs. Don't forget to enable it! The default installation file do not come with the audio files in order to keep the installation file under 2Mb (on some servers files over 2Mb are not uploadable). Download audio files: Noise files. Unzip and upload the files to /plugins/captcha/securimage/lib/audio/noise/ Audio: Unzip and upload the files to /plugins/captcha/securimage/lib/audio/ English (en-GB); Dutch (nl-NL); Italian (it-IT); Portuguese (pt-BR); Usage: We've tried to make it very simple to use Captcha. Select Extensions → Plug-in Manager from the drop-down menu of the Joomla! Administrator Panel. Go to Global Configuration, and select the "Site" tab. Choose "SecurImage" in your "Default Captcha" field. Click Save & Close. Go to your Plugin Manager. You can find this under Extension Manager along the top menu or in the buttons on the main page of your Administrator panel. Edit the Plug-In "Captcha - SecurImage" Set Status to "Published" Change the settings accordingly to your needs. Below is a screenshot of all the available settings;

Site Lock is a FREE, one of a kind extension for the Joomla CMS that will allow you to password protect your site from being viewed while you are still in development mode. This is much different from using the standard "Site Offline" feature of Joomla and has a lot more features. No more need to use an HTaccess file to lock down your site. The Site Lock extension will give you much more flexibility. Supported Joomla Versions Joomla 3.x Have you ever used the "Site Offline" feature of Joomla and wished that you could allow your clients, colleagues, or friends to view the site without making it public or adding them as a "special" level administrator user? Or have you ever logged into the front of your site while it is offline to view how it will look to the public only to find that you have those little edit article icons on ever page of the site and you cannot get a true feel for how the site will look to non-logged in visitors? If you answered yes to either of these questions, Site Lock is your answer. Site lock offers you the following benefits: - Add a custom background color - Add a custom background image - Add a custom page title - Show or hide the login form on the splash page - HTaccess style site login protection - Give your clients their own login (without making them a user on your website) - Create your own custom splash page message - Custom splash page message supports HTML formatting you can edit with your favorite WYSIWYG Editor - Site Lock is FREE to download and use on as many sites as you wish - Log in and view your site just as if it were live and see it as the public would see it - No more needing to use the standard "Site Offline" feature of Joomla - You choose who can see the site and who can't with custom login credentials - Enable and Disable in one click

Extend Joomla! authentication to accept email as username (instead of/in addition to username). You can have both! My users occasionally forget their usernames. I suspect that your users do too. Heck, I forget my usernames once in a while! Fortunately I never forget my email address. Why must users login with their username when an email address is just as unique? Keep your users coming back with hassle free authentication. By enabling both this plugin and the Authentication - Joomla! plugin, a user can login using EITHER their username or their email address. Additionally, lost-password requests can accept an email address as well as a username. By enabling this plugin while the Authentication - Joomla! plugin is disabled, a user can login using ONLY their email address (plus password, of course) ATTENTION: This plugin does not alter the wording of your login page or your login module. You must implement a simple output override to accomplish the login module label in my attached screenshot. The constants to override are: COMUSERSLOGINUSERNAMELABEL COMUSERSFIELDRESETCONFIRMUSERNAMELABEL MODLOGINVALUE_USERNAME Version 2.2 - Joomla 3.2 compatibility Version 2.3 - fix missing login error messages Version 2.3.1 - added Joomla Update System compatibility Version 2.3.2 - fixed error in package XML file. Users must uninstall 2.3/2.3.1 before installing this update 4/26/2012 - Joomla 1.5/1.6/1.7 availability and support withdrawn. All of my extensions are free and none of my extensions display advertisements or links to my sites or services. If you feel that I have blessed you, then you can bless me by making a contribution to fund future development. Visit the "Website" link to make a contribution.

Delete My Account is a Open Source Joomla! plugin, which can give an option to your site members, through which they can delete their account. Obviously, there is an option for admin that user' account should be delete of blocked, once user deletes his/her account. If user deletes his/her account, then an email will be sent to all the Admin users that "An user has deleted his account". What you have to do is, Install this plugin and enable it Show any link or button which has the class "f90-delete-my-account". It can be you menu link, link in module or any other way to display a link.

JLex Block is an extension of Joomla CMS. It helps you easily protect and change the content of any pages, elements on your website. It currently providing 7 ways to help you protect content in the best way. Main features: ★ Password: This is the most popular method on Joomla. You can set password to any pages or elements that you want to protect. In addition, you can customize, add new theme (template) in your way. On the same page, you can protect many elements at once. ★ Country manager: Deny / Allow requires from these countries. Each client have one IP, JLex Block will detect client country base on IP. Now, JLex Block providing more 100 countries. So, it will reduce the amount of spam. ★ User Group: This method will collect all groups of Joomla site (like: Public/Guest/Manager/Administrator/Register... and you can add or modify group), and it deny or allow requires from users of these groups.View image ★ User manager: Same as above, this method will deny or allow requires from special users. You can set up multiple elements on same page and assign this element with users that you want them to see. ★ IP manager: Deny / Allow requires from these IP. Same as country manager method, it will reduce the amount of spam. ★ Access view level: The basic, Joomla CMS provide 4 view level : Public / Guest / Register / Special. This method allow you set a minimum level that members can see. Ex: If you set level is Register, users of Register and special level can see content. ★ Stop publish: This method can replace / hidden content of element or page indefinitely or for a period of time. Watch a short introductory video about JLex Block: http://www.youtube.com/watch?v=z2VS-bR8bso p/s: JLex Block apply for any extension and not affect SEF URLs (SEO).

This plugin displays custom message or module such as log-in, when not logged in user visit an article and K2 item. Also it has an integrated log-in module. The integrated log-in module will redirect back to current article or K2 item after successful log-in in category or other view mode. Features 1. Supported CCK: Content (com_content), K2 (com_k2) 2. White-list and Black-list of Categories and articles or items. 3. Additional Filters: Date (Published Up, Created, Modified), Featured Status, Content Tags, Custom Fields, K2 Extra Fields 4. Login options: Integrated Login Module, Joomla default log-in, Text message only, Custom URL with title, Load module by module name or module position with or without additional text message. Also reCaptcha 5. Article Visibility: Intro text only, Limited text /HTML tags, paragraphs, words, characters/ and Nothing 6. Source of Limited text: Intro text or whole content 7. Type of Limited text: Number of Paragraphs, Words and Characters 8. Login Message and Title 9. Overrides read-more link 10. Hides K2 attachments 11. Search Engine Bots: Specify which search engine bot will be allowed to visit full article or item 12. Meta-tag for Search Engine /SEO/: noarchive and noindex 13. Removes empty tags, for example it will remove empty paragraph which added on inserting read-more separator on content editor 14. Skip count: The maximum number of articles (requests) will be allowed to full access 15. Multilingual ready Bug Any bug has been reported or detected since May 22, 2015. Now the extension status is stable. Support The distributor of this extension www.JExtBOX.com has great self-supporting tools such as "Lost Payment ID", "Invoice", "Lost Downloads & Update", "Subscription". After support form submission, a response sent to your email automatically. It use official SMTP service, but we are recommend to check spam folder too. Payment We are giving "Money Safe Guarantee & Security" to all customers. Your payment will be processed on a SSL-encrypted PayPal server. Learn more about PayPal from http://www.paypal.com/. Email Address Security We won't use your PayPal ID (email address) for any other purposes: SPAM, newsletter, transfer etc.

Q: How do you test Guest functionality when your site is offline? A: You install the Offline plugin! Normal Joomla operation requires a valid user to enter their username and password to get past the offline template page. Logging in prevents testing of guest functionality on your site. So your choice to take your site offline for development or testing actually prevents an entire segment of test cases - the guests (unregistered visitors)! For many of us, guest functionality is as important as functionality for registered users because, how are we to woo the guests unless we give them a great experience? The Offline plugin provides a similar functionality as is found in my AdminExile extension. An administrator can set the site in offline mode inside Joomla Global Configuration, and enable this plugin to grant login-free access to the site. Browse the site as a guest (or login) - while still in offline mode. I wrote it so I could demo custom authentication systems to a client - while remaining in offline mode. This allowed them to see the site as a guest, and login as a user would login using the various authentication methods available. Additionally, they could log in and out of the system at will - without seeing the offline page unless they ended their session (closed the browser). New in 2.2.2 - CIDR capable whitelist. You may whitelist individual IPv4 and IPv6 addresses - or you can whitelist entire IPv4 networks using a CIDR netmask. For example - you could type in 253 addresses 192.168.1.1 through 192.168.1.254, or you could just define the network using its CIDR notation like this: 192.168.1.0/24. If your server has the PHP GMP library installed, you may also whitelist IPv6 CIDR networks. Configuration is easy. Enable the plugin Set a key Copy the URL displayed above the key and paste it into your browser address bar. Adjust your whitelist, if necessary. When you're ready to take your site live, the plugin won't interfere. Of course, you should disable it to preserve system resources, but it takes its operating parameters from Joomla configuration itself. When Joomla is set to offline mode, the plugin will operate. When it's not in offline mode, the plugin exits as early as possible to release resources. Update 1.17 - fixed javascript issue preventing display of the trigger URL in Joomla 2.5. Update 2.2.2 - complete rewrite for performance and additional features. All of my extensions are free and none of my extensions display advertisements or links to my sites or services. If you feel that I have blessed you, then you can bless me by making a contribution to fund future development. Visit the "Website" link to make a contribution.

Welcome to StageIt - the only staging environment extension for Joomla! Have you got a Joomla site, and want to make changes? If so, you'll know that it's a nightmare trying to get it right. What if that new plugin crashes your site, or you want to make lots of changes without your users seeing what's going on until you're ready to launch the new site? And that's why I built StageIt - the only staging environment extension for Joomla! StageIt means you can make any change you like to your site, without those changes being 'live' until you're completely ready to triumphantly reveal your Joomla masterpiece! Here's how it works StageIt takes all the drama out of updating Joomla! Step 1: Create a new staging envinronment, which is perfectly matched to your existing site and sits 'on top' of your site. Step 2: Make all the changes you like on the staging environment, without any change affecting the live site. Step 3: If you want to show your client a new feature or some work you've done, so they (or their legal team) can sign off the new content, simply show them the staging environment. Step 4: When you're happy with the changes, simply click a single 'Sync with Live' button to sync the staging and live sites, and make all your changes live! What is included? Create a staging environment in seconds Develop on the staging environment with zero risk to your live site Make any changes you like - update extensions, delete content etc. StageIt supports ALL third party extensions Sync the staging environment with the live site at any time Visual button allows you to instantly switch between environments Automatic backups allow you to restore your live site to any sync point Configure to work with a range of servers - even GoDaddy! Full documentation Purchase includes full support and updates SYSTEM REQUIREMENTS: Joomla 3.x PHP 5.4+ Preferably run PHP in fastCGI mode Preferably use a decent server

jSecure Lite for Joomla! Drawback: Joomla has one drawback, any web user can easily know if the site is created in Joomla! by typing the URL to access the administration area (i.e. www.sitename.com/administrator). This allows hackers to hack the site easily once they crack the id and password for Joomla!. The jSecure Lite component prevents access to the administration (back end) login page if the user does not use the appropriate access key. Easy to install, jSecure Lite adds a layer of security to your Joomla! website.

Login notify is a plugin that send email alert when any user log-in to the system. You can even set the application for which you want to make this plugin work, like only for admin section or only for site. This plugin also allows you to set the usergroup(s) for which login alerts are needed, suppose you do not want to get the alerts for super users or administrator then this is completely possible with this plugin. This plugin also facilitates you to send alert to the logged-in user.

Registration validation plugin add the ajax validation support to default Joomla! registration. Currently there is only basic validation with Joomla!, which validate for email and password (at least 4 characters). Customer is known about error after submitting the form. By installing this plugin you can get rid of it. It allows to validate registration details in the following manner. - Check if username already exists. - Password validation according to your configuration in Configuration of User Manager. - Confirm password validation, if you are asking for that field. - Check if email id is already registered or not. - Confirm email address validation, if you are asking for that field.

Keep your website safe RSFirewall! is the most advanced Joomla! security extension, developed by us at RSJoomla!, that you can use to protect your Joomla! website from intrusions and hacker attacks. It's backed up by a team of experts that are trained to be always up to date with the latest known vulnerabilities and security updates, making RSFirewall! the best choice in keeping your website safe. Specs » Compatible with Joomla! 3.x Highlights » Backend Password - Add an extra layer of security by typing in a password before logging in the administration! » Blacklist - Block unwanted (single or multiple using wildcards ..., CIDR notation and ranges) IP addresses. » IPv6 support » Whitelist - Bypass protections for selected IPs. » Stop brute-force login attempts - Capture login attempts (as well as incorrect passwords). » Malware database - Detects obfuscated, encoded as well as potentially dangerous files (eg. base64encode, eval, gzinflate, pregreplace /e) » Automatically drop dangerous files when they're uploaded - such as .php, .js, .exe, .com, .bat, .cmd » Disable the creation of new Administrators » Protects selected Administrators from any changes - including password change! » Log all security events and send messages to specified email address(es) » Powerful exception system - Disable protections based on User Agent, URL or component (regular expressions allowed). » Database Check - Optimize & repair your database tables. » Display CAPTCHA in the administration section after a predefined number of failed login attempts. Active Protections » Country blocking - Allows you to select which countries have access to your Joomla! website (also blocks anonymous proxies). Based on GeoIP Lite Country database. » Local file inclusion (LFI) » Remote file inclusion (RFI) » SQL injection (SQLi) » HTML, Javascript and CSS filtering (XSS) » Denial of Service (DoS) - Block unwanted User Agents » Automatic blacklist » Actively scans POST and GET variables. » Keeps an eye on sensitive Joomla! files and alerts you if they are changed. System Check » Check for the latest Joomla! & RSFirewall! versions. » Provides suggestions on how to tighten your PHP & Joomla! configuration. » Scan Joomla! core files for integrity. » Scan files and folders for common permission errors. » Scan files for common malware.

Securitycheck is a medium protection suite. This version includes: A modular interface to manage the entire extension quickly and easily. Web Firewall The web firewall has been tested against more than 90 SQL, LFI and XSS attacks patterns, and includes the following features: IPv6 supported. Blacklist. Whitelist. Events recording, which can be viewed by admins from backend. Redirection to a default page if an attack is detected. Second level protection to find suspect words. Session protection File Manager You can check file/folder permissions and easily view misconfigured configurations. .Htaccess protection Want to hide your backend url? Add a secret key to your admin page to prevent dictionary and brute force attacks. Vulnerabilities checking Securitycheck performs a check of the versions of all the components of your Joomla installation, comparing them with its database to show if there are vulnerable extensions. Forget individually test of every component to avoid vulnerabilities: Securitycheck does it for you. Remote Management Manage the extension remotelly from a centralized console. Akeeba Live Update integration We have included this feature to easily manage and update new releases. ++ Please, read the user guide before install the extension.

JoomISP is a component for Joomla! which offers various Internet Services such as Webhosting, Server rental or VoIP. All offers, orders, customers and domains can be managed via the Joomla! backend. Customers can also view their orders in the Joomla! frontend. With various plugins for Server Control Panels for example Confixx, Plesk, ispCP, i-mscp, Cpanel/WHM, ISPConfig and LiveConfig, an easy creation of webhosting accounts is possible. With the Domain Registrar Plugins for example InterNetworX the ordered domains gets registered with few clicks. Frontend Features Choice of different offer categories possible Domain names checked for availability (Whois-check) PDF forms for transferring assigned domains automatically generated Payment via direct debit, bank transfer and several online payment gateways (with specific plugins) like Paypal, Alertpay, Moneybookers and credit card payments via 2Checkout. An e-mail with all necessary information will be sent to the customer and the administrator Joomla! account will be automatically generated Overview of orders and running contracts for existing customers Existing customers can change their customer details in the frontend Backend Features Easy change to another package or to a customized package Specified term of contract instead of automatic prolongation Different terms of duration for each domain possible Modification of the status with optional notification for the customer Customer administration Order administration Offer features administration Configuration Customization of e-mail text Customization of explanatory texts for the steps of the order process Administration of status reports for domains and orders Installation of sample data Installation and Managment of Payment Gateways and Control Panel Plugins Generation of vouchers

Pre-Registration Email Validation plugin allows your users to validate their email id before registration. It will reduce the SPAM at your site and also reduce the possibility in typo in email address. You don't have to perform more than two step, just install and enable the plugin. How it works :- An extra button and text field will be shown for sending and entering validation code. User need to click on "Send Code" after filling email id. User will receive an email containing Validation Code. User need to enter that validation code in the text field, and than click on Submit button. It supports core Joomla! registration and JomSocial registration as well. Advantage :- It will reduce the AUTO SPAM for registration to zero. User has to enter valid email id. If that was spammer then it will not make entry in user table unless he validate that entry by entering code. It works on client side as well as on server side. You are not required to enable Email Activation functionality. User will not make any type mistake in email id while registration. No need to worry about newsletter bounce. If spam entries are not in the user table then no need to apply filter on sending emails and newsletter. It will keeps your user table clean.