My Joomla Login Module asks for a "Secret Key". (Joomla Version 3.2.1)
This is confusing, was not necessary before. Can this be removed?
This is my demo website:
http://bierbrouwland.be/bier/
It's all about beer. Might be helpfull ;-)
Thanks for the help!
Two factor authentication is a new feature in Joomla 3.2.
If you have not set a 'Secret Key' for a user:
Go to Extensions > Plugin Manager
Set the Select Type filter to twofactorauth
You'll see two plugins enabled - Google and Yobikey - change their status to Disabled. A red X icon will show up
Clear the Joomla Cache
If you have actually set a key to your admin user, then there is no way out of it other than to go back to your last backup file.
Known bugs:
There was a bug Joomla 3.2, and this is fixed in Joomla v3.2.1
There is also a bug in the Gangry-framework with Joomla v3.2.1 (http://www.gantry-framework.org/) Which will be handeled by their development team.
You can now select in the plugin(s) to disable users (FrontEnd) from seeing the Secret Key but keep administrator login Secret Key.
You have "Two factor authentication" enabled. Nicely explained on this video: Joomla 3.2 - Two Factor Authentication
Actually, even if the two factor authentication has been set for admin user, the plugin still can be disabled directly in the database, so you don't have to revert to backups. Nice and easy:
UPDATE jos_extensions SET enabled=0 WHERE name LIKE 'plg_twofactorauth_%';
Refresh the login page, et voila! :)
in the Joomla "Search" type in twofactorauth right click the two that populate and select open in new tab for both.
Each tab will display two difference plugins enabled.
You will have a choice of Site Section for each,
You can choose (site frontend) (Administrator Backend) (both) So if you don't want your users to see it select, Administrator Backend, rather then disable it.
SO...
Site front end - Only Users will have a secret key
Administrator back end - Only Administrators will have a secret key
Both - Both users and admins will have a secret key field
If your template is rockettheme
1.- In your template/css folder create a file called rt_yourtemplatename-custom.css
2.- Add the following code:
p#form-login-secretkey {
display: none;
}
3.- Done!
Related
In Older versions this option was at Global Configuration section.
At joomla 3.x seems that this option has been moved.
I want only my existing users to be able to login.
Has anyone any idea where this option is available? Thanks in advance!
Log into your Joomla 3.0 admin dashboard
In the top menu, click Users and then click User Manager
In the tabs toward the top of the page, click the Options tab
Under the Component tab, find the following setting:
Allow User Registration
If set to Yes, new Users allowed to self-register.
To disable user registration, set Allow User Registration to No, and then click the Save button in the top left of the page.
After disabling the registration option, you will notice that the Create an account link within your Login Form will no longer show, as users can no longer create an account on their own.
Reference
It's very simple ,Follow the steps below:
a)select System --> Global Configuration -->Users manager.
b)Under the component tab you will see the 1st option as Allow user registration.
Please refer the screenshot below.
I currently have a Joomla site that has 5 different departments of people accessing the backend content. Basically, everyone's looking and poking at other departments contents. So how would I set a different account for everyone and allow them to only modify their own content? E.G.
The salt department can post whatever articles they want, but they cannot modify the sugar department's article.
Does Joomla have this kind of ability or any extensions out there?
That is pretty simple on Joomla 3 system.
Firstly, you create 5 different User Groups in Joomla under Users menu.
Go to Content > Article Manager > click Options button on the top right side > Permissions Tab
In the Permissions Tab, click on each User Group and you have tons of permission to tweak such as: Create, Edit, Edit Own, ...
Hope it helps.
If you haven't configured it yet, the key term to look for is ACL (Access Control List).
Basically you need to create 5 users groups (which are not Super Users).
Here is an article to get you started:
Joomla ACL: Configuring back-end ACL
My client has Joomla! ver 1.5.14 installed on the remote server. I logged in using the url /administrator/ with login 'admin'. When landed on the admin page after successful login, I observed that the top menu has only two elements, Site and Help. All other elements like Menus, Content, Components, Extensions etc are not there.
Also I do not find any way to access those elements (menus, components). There are not icons on the screen to access them.
Could someone please help me figure out this issue?
Thanks in advance
Regards,
MulC
EDIT:
Following is the screenshot of the admin page
http://postimage.org/image/youvqynh7/
user admin belogs to the group 'Super Administrator'
Thank you
It's very strange that this should happen unless your client has been fiddling with the core Joomla files or database tables.
Update the site to the latest version of the 1.5 series (1.5.26)
Download the full Joomla package, extract the administrator, components, includes, libraries, modules and plugins folder, zip them up and upload to the server, replacing the current folder. Not to worry, this will only override the core files which I assume haven't been edited.
Try downloading and installing another admin template.
Else the only other thing I can think of is reconstructing the website which might take a while, depending on the amount of work that went into it.
In Joomla! 1.5.x a common security step was to create an alternate "super user" and downgrade the default admin account to a standard registered. Due to issues in early versions of 1.5 though it wasn't recommended to delete or disable this account.
This sounds like what is going on with your admin account.
You can check this by looking at the database checking the table jos_users look for the username admin and see what it's usertype is set to. At the same time look for a user that has an usertype of Super Administrator (yes, really the words Super Administrator).
Once you have the username of the Super Administrator, you will need to find the password. If the client doesn't know it then you will have to recover the admin password.
For some reason, when I log into my joomla 1.6 backend, it is now empty, displaying only a logout button. Any Ideas?
I just went through the same problem but on J!1.7.3. There may be many, many reasons but please check using just URL if you can see for example:
[YourDomainHere]/administrator/index.php?option=com_content or
[YourDomainHere]/administrator/index.php?option=com_modules
If content is listing and you're missing just Admin-menu and sub-navigation in back-end --> this means you messed-up with access levels and viewing access.
If you can't see content listing - ignore the rest of this post :-)
...with access levels and viewing access. To check that, try entering [YourDomainHere]/administrator/index.php?option=com_users&view=levels and enter each position in the list. Joomla backend navigation module usually has Access set to Special, so focus on this one. When enter Special - manager, author and super administrator should be ticked. If everything empty in any from the list - this is your issue :)
You need to add manager, author and super administrator to your Special access level. Obviously you can't see Save button, so you need to use database. [wrrr :) sounds scary?] Not a big deal, just go there using for example phpMyAdmin and find _viewlevels table. In there just edit Special and add [6,2,8] values to set up manager, author, super.....
Update database. Try to log-in one more time (close browser and clean cache before).
I hope if this wasn't helpful for you, will be for somebody else.
p.s. There may be a way of 'saving' changes in you joomla access levels with URL. Then you don't need to go to DB .. but I don't know if this is feasible at all :)
Check the rewrite of htaccess and the $mosConfig_absolute_path variable in config.php
Apparently, the Bluestork Template (admin template) has some security issues. In my case there were some missing files in the template folder /administrator/templates/bluestork/ that caused the administrator screen to appear blank. I've copied a clean version of the template in the bluestork folder and after that I was able to see the backend admin area.
I've removed the bluestork templates entirely for now, which seems to be the best option. Joomla installs 2.5.8, 2.5.6, 2.5.2, 1.7.0, 1.6.3 are affected. The Blustork Template is a target for hacks with old Joomla.
this happening becoz of admin user lost his permissions. see below article to fix this issue
http://www.codentalk.com/joomla-admin-showing-blank-page/
I installed Joomla 1.7 and I noticed that you can have user profiles with the user profile plugin. However, is there a way to publicly access a user's profile (without loging in)?
For instance, I noticed that you can go to:
/index.php?option=com_users&view=profile
However, that seems to pull up my own profile, If I am logged out it always redirects you to the login form. I have tried adding additional variables like "id=1", "user_id=1", or "userId=1".
Is there a way to do this? Or will I have to develop a component to pull in this information publicly?
Even though it not possible with clean Joomla website a lot of useful code come with it, which you could include to your component if you prefer to create one.
But... there is a great extension Community Builder with a great team behind it. Having used it in the past, I would highly recommend it as a solution for community based sites.
It changes the login form to a much better & bug-free form, enables more fields to be created for registration, and allows special pages for individual users, plus, community builder has extension-specific plugins.
EDIT: This answer needs an update as since it was added more extensions have been introduced like JomSocial or EasySocial. I cannot recomment CommunityBuilder any more
This post is tagged with Joomla 1.7 however I wanted to mention that if using Joomla 3.7.4 you now have the ability to show the User Profile plugin data from the core Contacts component. You can also add more custom fields to the Users component and they will also show from the Contacts component. You can set the display of the Users Profile info by going to the Admin panel -> Contacts -> Options. Turn on the option under; Contact -> User Profile -> set to "Show".