Security Discussion
By Jannik L. on Friday, 20 June 2014
Posted in General
Replies 5
Likes 0
Views 1K
Votes 0
Hey guys, after having 19000 failed admin login attempts by a hacker yesterday, I am working on stepping up security. I have added RS Firewall to automatically ban after X failed admin login attempts.

I was wondering if anyone in this great community has suggestions for how to add more security to joomla or to my server (I have root access and virtualmin)? Any way of changing the Joomla /administrator url?

I would ideally like to avoid using Google's 2 Step Verification at first...

I notice that here on stackideas.com you have added an extra login step, how did you achieve that? is it easy to add that extra security layer?
Hello Jannik,

That's just the password protection layer and you can easily generate this by creating a new .htaccess file at the /administrator/ folder.
Mark
·
Friday, 20 June 2014 14:55
·
0 Likes
·
0 Votes
·
0 Comments
·
Thanks once again Mark for taking the time to share your expertise, I genuinely appreciate it! Now, I forsee one problem, I run nginx, so I don't have a .htaccess, do you know if I can achieve the same via an nginx config?
Jannik L.
·
Friday, 20 June 2014 15:10
·
0 Likes
·
0 Votes
·
0 Comments
·
I believe you can password protect a folder even on nginx http://nginxlibrary.com/password-protect-a-directory/
Mark
·
Friday, 20 June 2014 15:56
·
0 Likes
·
0 Votes
·
0 Comments
·
Ah sweet, thanks a lot!
Jannik L.
·
Friday, 20 June 2014 16:10
·
0 Likes
·
0 Votes
·
0 Comments
·
You are most welcome Jannik
Mark
·
Saturday, 21 June 2014 00:34
·
0 Likes
·
0 Votes
·
0 Comments
·
View Full Post