Advertisement

How to restrict access to /administrator/index.php?

Discussion regarding Joomla! 5.x security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
hackermade
Joomla! Intern
Joomla! Intern
Posts: 93
Joined: Thu Jan 25, 2024 9:15 am

How to restrict access to /administrator/index.php?

Post by hackermade » Sun Jun 02, 2024 2:34 am

Greetings, i have successfully restricted access to the /administrator path but that restriction doesn't include the /administrator/index.php which is unrestrictable. Why this happened?

Thanks in advance!

Advertisement
User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 17590
Joined: Thu Feb 15, 2007 5:48 am
Location: Sydney, Australia

Re: How to restrict access to /administrator/index.php?

Post by toivo » Sun Jun 02, 2024 3:47 am

How did you restrict the access to the administrator folder? If your host has given you cPanel, the simplest way is to go to Files - Directory Privacy and configure a username and password that only you and the web server know.
Toivo Talikka, Global Moderator

User avatar
AMurray
Joomla! Master
Joomla! Master
Posts: 10002
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: How to restrict access to /administrator/index.php?

Post by AMurray » Sun Jun 02, 2024 5:33 am

if using htaccess / htpasswd, those files must be in the folder you're protecting i.e. /administrator folder.

In addition to what Toivo advised above, you can use an extension such as Akeeba Admin tools to protect the admin directory.
Regards - A Murray
General Support Moderator

hackermade
Joomla! Intern
Joomla! Intern
Posts: 93
Joined: Thu Jan 25, 2024 9:15 am

Re: How to restrict access to /administrator/index.php?

Post by hackermade » Sun Jun 02, 2024 9:22 am

Hi, no i just added a location context (location /administrator { } ) in my nginx configuration and denied all the requests except those from my IP address.

hackermade
Joomla! Intern
Joomla! Intern
Posts: 93
Joined: Thu Jan 25, 2024 9:15 am

Re: How to restrict access to /administrator/index.php?

Post by hackermade » Sun Jun 02, 2024 12:52 pm

Actually now works great but when i add the username and the password in the /administrator page after that instead of send me in the dashboard throws a 403 forbidden page...btw I use the nginx access key to restrict access

Advertisement

Post Reply

Return to “Security in Joomla! 5.x”