Public access to admin

Moderators: mandville, PhilD, General Support Moderators

Chris Hall
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Feb 24, 2017 2:25 pm

Public access to admin

Postby Chris Hall » Tue Feb 28, 2017 10:39 am

Hi, taken over an existing Joomla site and get this boxed error message when I login to the admin control panel.

Error

Detected potentially dangerous ACL configuration => user Public, ACL: Administrator Login
Detected potentially dangerous ACL configuration => user Public, ACL: Access Administration Interface

Looking at the Global Config - Permissions I see that Public has access to some of the Admin sections as in the pic.

acl.jpg


I'm assuming this is a no-no?
You do not have the required permissions to view the files attached to this post.

User avatar
rcarey
Joomla! Explorer
Joomla! Explorer
Posts: 464
Joined: Sat Apr 25, 2009 9:20 pm
Location: Minnesota (USA)
Contact:

Re: Public access to admin

Postby rcarey » Sun Mar 19, 2017 5:10 am

This is indeed a big no-no. With that configuration, you are telling the system to allow anyone to have access to your backend - even without logging in. Hackers will exploit or take over your site.
Randy Carey, the iCue Project http://iCueProject.com : developing an intelligent approach to improving the CMS user experience,
Careytech Studios http://careytech.com custom development for tailored or value-added web solutions


Return to “Access Control List (ACL) in Joomla! 3.x”

Who is online

Users browsing this forum: No registered users and 1 guest