Joomla's great, but it can't do it all. For example, even beginner web developers know that the way to access the login page for a Joomla website admin panel is to simply add "/administrator/" to the root URL of the website. That's convenient, but it can also leave a website vulnerable to hackers who might try to brute-force their way into your site.
And that's only one security shortcoming built into the core Joomla experience. Fortunately, a component called Admin Tools can give you the ability to better protect your site in many ways.
We'll talk about the paid version of the plugin in a moment, but there's a robust free version available in the Joomla Extensions Directory for Joomla 2.5.
The extension comes bundled in one compressed file that includes the component and its ancillary module and plugin. The install script takes care of all three. Here's a look at the Administrator page for the extension:
There are a lot of toys here! Let's talk about the good and the not so good:
THE GOOD
** Gives administrators a quick and easy way to take their site offline while still being able to work on the front-end from their home workstation.
** Gives administrators multiple options for password control. You can password-protect your back-end login page, and you can also password-protect the features inside of Admin Tools itself.
** Gives administrators the option to change the database ID number for the site's Super Administrator. This addresses another semi-obscure Joomla quirk: By default, the initial super admin for any site is assigned the ID number 62. An enterprising hacker could use this to their advantage. Admin Tools lets you create a new super admin, while it randomizes the login info for the old one.
** In addition, the paid version includes many other tool, including a URL redirection gizmo, a tool that gives administrators the power to create useful .htaccess files, and a firewall.
THE NOT SO GOOD
** It's an advanced tool. Some of its options are self-explanatory, but others - such as a tool that can change the collation of your database - may not be useful for developers who are just getting started.
RATING
4 of 5.
The core version of Admin Tools is a fast and easy way for beginners to improve their Joomla security. The professional version includes over 40 extra features for 20 euros.