I want check joomla default password is mix or not actually i want in joomla registration when user enter password then it must be 4 characters and 2 numeric . how i do this in joomla 2.5. I have checked in validate,js file also . but in this file only for increase password string not check mix password. so how i do that.
Joomla doesn't have this in its standard package.
The best place to look would be the Password Management section the Joomla Extension Directory, it looks like it has a few solutions in it.
Related
Is any way to lock any article with any password. I look for this 2 days and nothing. I have idea, lock any urls with psw with .htaccess . . . .it is really?
I need from one page in joomla website use one psw. For second page in website second psw. I use j3. I need it for Phoca gallery and Yootheme ZOO.
Besides what lodder suggests, which would be my first choice, maybe it would be enough with assigning that content to specific usergroups and access levels, so that logging with specific name/pwd would be required to access that content. Depending on your exact needs, this could be enough, and would save you from adding extra extensions.
I`ve been using joomla from past 2 years. As joomla is a very popular CMS for php lovers so hackers are always trying to deface the website in joomla. Anyone can easily detect the website is using on joomla or any other programming language by using wappanalyzer software. In joomla we can access the administrator panel by typing
http://phalana.com/administrator.
So my question is how to change the /administrator to something else so that hackers will not get to the administrator panel. So far i've seen the number of extensions in official joomla directory But still something is lacking on it.Can anyone help me to change the administrator path.
Changing /administrator is a very bad idea for a lot of reasons top amongst, ironically, is security. Apart from that it:
breaks lots of components
cuts you off from easy application of security updates
the effects of renaming are unknown from a security point of view
The best way to secure Joomla's /administrator area is to follow some simple steps...
Add realm authentication to the /administrator directory that way unless you hacker manages to figure out the username and password they're stumped.
Use an extension like JSecure or Akeeba's Admin tools (both allow your to set a "secret word" on the administrator URL) or check the extensions already available in the Login Protection section of the Joomla! Extension directory (called JED for short). N.B. I personally like Admin tools the most, with the /administrator?secreword, their application firewall and the .htaccess maker.
Follow the advice on the Joomla Doc's website Security Checklist
Personally we do all of these things and a bit more... as we keep telling people.
You can protect or hide your /administrator directory by creating an alternative directory wich sets a cookie that is sent to the http header in the request. That cookie will be validated from the index.php file at the /administator directory, if is not validated (when an unauthorized user wants to detect if your site is Joomla based by the known /administrator directory), then it will be redirected to the root directory for your site.
These are the steps.
*create an alternative /administrator directory ie: /admins_place
*inside /admins_place, create an index.php with the following code
snippet
<?php
$admin_cookie_code = "_hashed_secret_code_here_";
setcookie("JoomlaAdminSession", $admin_cookie_code, 0, "/");
header("Location: ../administrator/index.php");
?>
*In administrator directory add this code snippet at the beginning of
the index.php file.
<?php
if($_COOKIE['JoomlaAdminSession'] != "_hashed_secret_code_here") {
header("Location: ../index.php");
}
I hope this helps
For some reason, when I log into my joomla 1.6 backend, it is now empty, displaying only a logout button. Any Ideas?
I just went through the same problem but on J!1.7.3. There may be many, many reasons but please check using just URL if you can see for example:
[YourDomainHere]/administrator/index.php?option=com_content or
[YourDomainHere]/administrator/index.php?option=com_modules
If content is listing and you're missing just Admin-menu and sub-navigation in back-end --> this means you messed-up with access levels and viewing access.
If you can't see content listing - ignore the rest of this post :-)
...with access levels and viewing access. To check that, try entering [YourDomainHere]/administrator/index.php?option=com_users&view=levels and enter each position in the list. Joomla backend navigation module usually has Access set to Special, so focus on this one. When enter Special - manager, author and super administrator should be ticked. If everything empty in any from the list - this is your issue :)
You need to add manager, author and super administrator to your Special access level. Obviously you can't see Save button, so you need to use database. [wrrr :) sounds scary?] Not a big deal, just go there using for example phpMyAdmin and find _viewlevels table. In there just edit Special and add [6,2,8] values to set up manager, author, super.....
Update database. Try to log-in one more time (close browser and clean cache before).
I hope if this wasn't helpful for you, will be for somebody else.
p.s. There may be a way of 'saving' changes in you joomla access levels with URL. Then you don't need to go to DB .. but I don't know if this is feasible at all :)
Check the rewrite of htaccess and the $mosConfig_absolute_path variable in config.php
Apparently, the Bluestork Template (admin template) has some security issues. In my case there were some missing files in the template folder /administrator/templates/bluestork/ that caused the administrator screen to appear blank. I've copied a clean version of the template in the bluestork folder and after that I was able to see the backend admin area.
I've removed the bluestork templates entirely for now, which seems to be the best option. Joomla installs 2.5.8, 2.5.6, 2.5.2, 1.7.0, 1.6.3 are affected. The Blustork Template is a target for hacks with old Joomla.
this happening becoz of admin user lost his permissions. see below article to fix this issue
http://www.codentalk.com/joomla-admin-showing-blank-page/
I want to change administrator path of mysite in joomla. ex. currently i have admin path http://myserver/mysite/administrator but now i want to change it
http://myserver/mysite/admin .
Check out the constants in /includes/defines.php and /administrator/includes/defines.php
Unfortunately Joomla doesn't have a clean way of changing this without changing core files and even then this will cause problems while applying update patches in the future.
What you should consider is installing jSecure, an an extension which will prevent people from hitting mysite.com/administrator page directly. You can access your admin panel by going to mysite.com/administrator?MySecretKey (set your own secret key) but people who try to access it directly will be redirected to the front page.
I hope this helps.
I use joomla's default login module. The module asks for username and password at the time of login. I want it to change it to Email and Password. Where do i change the code for it to happen. I use Joomla 1.5.21 . Any help is appreciated
Thanks and Regards
Sanjai
there is already a extension module for that purpose. I think it is much easier this way. You can find more info about it here:
http://extensions.joomla.org/extensions/access-a-security/authentication/10343
If you prefer to do it yourself, then you have to look into couple of different folders:
joomla_root/modules/login/
joomla_root/joomla/user/ (authentication.php)
In addition, you need to change all references to "username" to "e-mail", and to do that I suggest you make a change in the language localization file which can be found here:
joomla_root/language/en-GB/