icon

Backdoor

 
3.3
Latest Comments
Very good indeed.

 

Backdoor is the Joomla 4/5 kompatible Version of the famous AdminExile plugin from Michael Richey (RicheyWeb).

The plugin protects your backend / administration part of your site by using URL access keys (query parameters).

So, attempts to access the administrator login page will be met with either a redirect to your homepage, a 404 error, or a redirect somewhere else. This is e.g. a way to prevent brute force attacs.

 Protecting the Joomla admin area is crucial for several reasons:

  1. Security: The admin area is the control center of a Joomla website, where administrators manage content, users, extensions, and settings. Protecting it prevents unauthorized access, reducing the risk of data breaches, content manipulation, and other security threats.

  2. Data Integrity: Unauthorized access to the admin area can result in data tampering or deletion, compromising the integrity of the website's content and functionality. Protecting this area helps maintain data integrity and ensures that the website functions as intended.

  3. Prevention of Malicious Activities: Hackers often target the admin area to gain control of the website, inject malicious code, or distribute malware. Implementing security measures such as strong passwords, two-factor authentication, and IP whitelisting can help prevent such attacks and mitigate their impact.

  4. Reputation Management: A compromised Joomla admin area can lead to a variety of issues, including defacement of the website, distribution of spam or malware, and loss of user trust. Protecting the admin area helps safeguard the website's reputation and credibility.

  5. Legal Compliance: Depending on the nature of the website and the data it handles, there may be legal requirements or industry standards regarding data protection and security. Protecting the admin area helps ensure compliance with these regulations, avoiding potential fines or legal consequences.

Overall, safeguarding the Joomla admin area is essential for maintaining the security, integrity, and reputation of the website, as well as complying with legal and regulatory requirements.

 

Modifications at original codebase

The Javascript code is now pure vanilla Javascript, since Joomla 4 does not include jQuery.
To make this plugin compatible for the newer versions of Joomla, many things has to be done:

  • Changed Joomla classes to namespaced
  • All JQuery Scripts translatet to vanilla Javascript
  • Converted to J4/5 class environment
  • Fixed problems with J4 login
  • Removed "2-Factor pass". This doesn't make any sence. Where is the difference between a pass "mykey=myvalue" by checking the whole string or splitting it and comparing the individual parts?

First intension was to send Michael the codes, so he can update his package. Some mails with no response later, the package is going public here. So the update server is now changed to this one.

Even if it was only an adaptation of the original source code in the beginning, there is still a lot of work behind it. Therefore, a little more security for the administrator area costs a few euros, but it should be worth it.

 Add to Cart

 

 config 300