IT in Education

How can I improve the security?

joomlaExtensionsAkeeba Admin Tools is an excellent security tool, that comes with comprehensive instructions. This article will describe how to get started with Admin Tools.


Installation

You can start using Akeeba Admin Tools Core for free, by Installing the Joomla Extension using the Install from Web method. However the paid for version of Admin Tools, offers a significant number of extra features:

Configuration

Here are some of the configuration options that I make using the paid version.

  1. From the Control Panel, go to Web Application Firewall > Configure WAF
  2. Select the Basic Features tab:
    1. Allow administrator access only to IPs in Exclusive Allow IP List: This blocks every location apart from your IP.
    2. Disallow site access to IPs in the IP Disallow List: This blocks bad actors from access your entire site.
    3. Administrator secret URL parameter: Add some random characters, to hide access to the /administrator URL
  3. There are also lots of useful Hardening Options and Auto-ban parameters.

Enabling these features alone, will stop a lot of external attacks against your website.

Tools

Here are some useful tools that I sometimes use:

  • PHP File Change Scanner: This is good to run, especially after installing new extensions.
  • Repair and Optimise Tables
  • Clean Temp Directory

 

Troubleshooting

IP Address locked out

If your internet provider changes your IP address, as can happen occasionally, and you have enabled Allow administrator access only to IPs in Exclusive Allow IP List you may find that you are locked out of Joomla. Here is the fix:

  1. In a browser, search for Whats My IP
    1. Google will display your public IP address.
  2. Access your Joomla website database, using PHPMyAdmin.
  3. Browse to xxxx_admintools_adminiplist
  4. Change the record to your new public IP address. 


Thanks for visiting,
Steven