For security Issue change the administrator URL How?
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
- aristotle2008
- Joomla! Enthusiast
- Posts: 103
- Joined: Sat Jul 31, 2010 11:15 am
For security Issue change the administrator URL How?
Hi,
For security purpose i want to change the administrator URL, i want to open the administrator URL in different URL, please any idea do u have please reply me back. Avoid the identification of joomla website, somebody easily identify whether the site is joomla or not using this following method.(http://example.com/administrator), so easily identify and hack the site. To avoid this issue any idea you have kindly please advice me.
For security purpose i want to change the administrator URL, i want to open the administrator URL in different URL, please any idea do u have please reply me back. Avoid the identification of joomla website, somebody easily identify whether the site is joomla or not using this following method.(http://example.com/administrator), so easily identify and hack the site. To avoid this issue any idea you have kindly please advice me.
cheers
Aristotle.A
88db.com
(Senior Front End Web Developer)
Aristotle.A
88db.com
(Senior Front End Web Developer)
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: For security Issue change the administrator URL How?
full details are in the sticky here How to change/hide the administrator Url (instructions)
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- Z9iT
- Joomla! Enthusiast
- Posts: 166
- Joined: Fri Oct 14, 2011 8:15 am
- Contact:
Re: For security Issue change the administrator URL How?
To secure your admin directory , you can use extentins like secure.
kind read this thread aswell http://forum.joomla.org/viewtopic.php?f=470&t=681814
I think this thread should be locked, as its reffering to the same thing previously discussed.
kind read this thread aswell http://forum.joomla.org/viewtopic.php?f=470&t=681814
I think this thread should be locked, as its reffering to the same thing previously discussed.
http://z9it.com....Bringing the best of www, in a gist...
- brian
- Joomla! Master
- Posts: 12787
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: For security Issue change the administrator URL How?
There are a million ways to identify a site as being joomla - the administrator url is just one and certainly not worth the effort to move
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
- Z9iT
- Joomla! Enthusiast
- Posts: 166
- Joined: Fri Oct 14, 2011 8:15 am
- Contact:
Re: For security Issue change the administrator URL How?
I agree with you @Brian
, Infact what i think is that doing a password protect to the admin directory is more than enough. One should concentrate on overall server security
, Infact what i think is that doing a password protect to the admin directory is more than enough. One should concentrate on overall server security
http://z9it.com....Bringing the best of www, in a gist...
-
- Joomla! Apprentice
- Posts: 10
- Joined: Sat Jan 08, 2011 12:31 am
Re: For security Issue change the administrator URL How?
There is one simple way to do this -> backendtoken plugin and You can have url with token and redirect from other url to whatever url you want
Strona edukacyjna z fizyki, jest niezwykle przydatna dla gimnazjum, liceum oraz na studiach - http://fizyka.dk jest trudna, ale dzięki http://fizyka.dk/tablice/wzory/wzory-li ... rta-wzorow i nie tylko, łatwo można nauczyć się fizyki.
- aristotle2008
- Joomla! Enthusiast
- Posts: 103
- Joined: Sat Jul 31, 2010 11:15 am
Re: For security Issue change the administrator URL How?
Hi,
I agree that many ways here to identify joomla site, but administrator is one fo the path easily find it. Anyways thanks for your advice..
I agree that many ways here to identify joomla site, but administrator is one fo the path easily find it. Anyways thanks for your advice..
cheers
Aristotle.A
88db.com
(Senior Front End Web Developer)
Aristotle.A
88db.com
(Senior Front End Web Developer)
- Z9iT
- Joomla! Enthusiast
- Posts: 166
- Joined: Fri Oct 14, 2011 8:15 am
- Contact:
Re: For security Issue change the administrator URL How?
@aristotle
have you gone across this thread??
http://forum.joomla.org/viewtopic.php?f=470&t=681814
if you want to secure joomla admin directory, then that thread is sufficient, however this doesnot implicate that your website is safe all together... you have to first secure your server.
have you gone across this thread??
http://forum.joomla.org/viewtopic.php?f=470&t=681814
if you want to secure joomla admin directory, then that thread is sufficient, however this doesnot implicate that your website is safe all together... you have to first secure your server.
http://z9it.com....Bringing the best of www, in a gist...
- aristotle2008
- Joomla! Enthusiast
- Posts: 103
- Joined: Sat Jul 31, 2010 11:15 am
Re: For security Issue change the administrator URL How?
Thanks for your advice...
cheers
Aristotle.A
88db.com
(Senior Front End Web Developer)
Aristotle.A
88db.com
(Senior Front End Web Developer)
- Z9iT
- Joomla! Enthusiast
- Posts: 166
- Joined: Fri Oct 14, 2011 8:15 am
- Contact:
Re: For security Issue change the administrator URL How?
welcome my friend.... anywayz, I would love to hear more from you if you find something even more useful.... experience increases by time, n you may find something more powerful.... please do share then...
http://z9it.com....Bringing the best of www, in a gist...
- aristotle2008
- Joomla! Enthusiast
- Posts: 103
- Joined: Sat Jul 31, 2010 11:15 am
Re: For security Issue change the administrator URL How?
Thanks friend, Wish u happy new year to you and your family, your wishes comes true in this year....2012.
cheers
Aristotle.A
88db.com
(Senior Front End Web Developer)
Aristotle.A
88db.com
(Senior Front End Web Developer)
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: For security Issue change the administrator URL How?
if topic is solved then we will mark it as such
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- aristotle2008
- Joomla! Enthusiast
- Posts: 103
- Joined: Sat Jul 31, 2010 11:15 am
Re: For security Issue change the administrator URL How?
Hi,
There is no solution for this question...
There is no solution for this question...
cheers
Aristotle.A
88db.com
(Senior Front End Web Developer)
Aristotle.A
88db.com
(Senior Front End Web Developer)
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: For security Issue change the administrator URL How?
aristotle2008 wrote:There is no solution for this question...
i believe that you were given the solution in both my post and brian's
I am not sure how redirecting to a honeypot as linked twice by z9it will be of any use.
The answers to your question in plain type are
* there are numerous markers to your site being joomla
* you can not (without breaking your site) just change the admin url
most attack bots will not care how a site is built, or attack just the admin url, they look for other common vulnerable extensions.
Go through security checklist 7 for more server security advice and how to protect your site
How to change/hide the administrator Url (instructions)- http://forum.joomla.org/viewtopic.php?f=432&t=611287
Security checklist 7 - http://docs.joomla.org/Security_Checklist_7
totaly agree with your thoughts which is why i asked if it was solved but some people still do not read and the link i posted I will give aristotle2008 chance to respond before possibly doing so.Z9iT wrote:I think this thread should be locked, as its reffering to the same thing previously discussed.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- aristotle2008
- Joomla! Enthusiast
- Posts: 103
- Joined: Sat Jul 31, 2010 11:15 am
Re: For security Issue change the administrator URL How?
Hi,
Thanks its very useful to me.....
Thanks its very useful to me.....
cheers
Aristotle.A
88db.com
(Senior Front End Web Developer)
Aristotle.A
88db.com
(Senior Front End Web Developer)
-
- Joomla! Enthusiast
- Posts: 152
- Joined: Wed Oct 26, 2011 1:27 pm
Re: For security Issue change the administrator URL How?
Please note, this is NOT just an issue for identification of server software. It is also preferable to change the admin URL in order to prevent brute-force attacks on the password. Of course, this is not an excuse for lazy passwords, but a brute-force attack can easily turn into a DOS attack, especially when Joomla 1.5 - seemingly - creates a new session every time a POST is sent to the admin URL.
Has this been fixed in more recent versions?
Has this been fixed in more recent versions?