| Securing Joomla!'s Administrator Logins |
 |
 |
 |
| Written by Ron Bassett |
| Sunday, 08 November 2009 22:20 |
|
Many times you want to force https or SSL on Joomla! administrator logins so admin users passwords are always sent ecyrpted. This can be done by creating a .htaccess file in the /administrator/ directory and adding the code below. RewriteEngine on
RewriteCond %{HTTPS} !=on RewriteRule ^(.*)$ https://codersresource.com/administrator/$1 [R=301,NC] For all the Turkish Hackers out there I like to go one step farther and require a .htaccess password in the admin. This will also help block all those script kiddies that are a worthless excuse for a human. Add this to the .htaccess fileAuthUserFile /var/www/vhosts/your-directory.com/httpdocs/.htpasswd
AuthName "Your Development" AuthType Basic require user username
Enter the Username and Password you want to use and paste it into the .htpasswd file like below. username:$apr.$3lI2GuMF62q.XEBq4bo/4. |