Feeling Lucky
?
[#22567] - Secure backend url
- Closed
- 10 Oct 2018
- Medium
- Build: staging
- # 22567
Is your feature request related to a problem? Please describe.
by default the /administrator url is not protected by default. a possible hacker can easly see thats its joomla, what version and then try to get in.
Currently i use a 3rd party plugin to protect the /administrator url. incl. a ip block if someone tries to get access to de url
Describe the solution you'd like
protect the URL with a extra security layer.
- 2FA for url access (before admin login)
- /administrator?<secret_code>.. then access.. if code incorrect than /home
Additional context
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2018-10-10 08:01:13 |
| Closed_By | ⇒ | brianteeman |
Hiding the administrator url does not prevent a hacker from determining that a site is made with joomla or the version of joomla that has been used. There are a gazillion methods to determine that.
As 2fa is already available in the core and there are many extensions available offering various methods of providing extra protection I am closing this.