Emergency Off-Line switch
Put your site securely off-line in the case of an attack
Included in Core Included in Pro
Master Password
Prevent that client from breaking their site by »doing nothing«
Included in Core Included in Pro
Customize Permissions
ACL: fine-grained permissions, controlling which Admin Tools features each user can access.
Included in Core Included in Pro
Administrator Directory Protection
Protect access to your administrator directory with a username and password.
Included in Core Included in Pro
Change File & Folder Permissions
Easily change the permissions of all files and folders on your server. Permissions are fully customizable.
Included in Core Included in Pro
On-the-fly link rewrite
Automatically rewrite links to point to your new site. Optionally convert HTTP links to HTTPS.
Included in Core Included in Pro
One click temporary files cleaning
One-click purge of your temporary directory
Included in Core Included in Pro
Database collation change
Change your database collation
Included in Core Included in Pro
Repair and optimise tables
Repair and optimise all of your site's tables
Included in Core Included in Pro
Sessions table purge
Purge and optimise the sessions table with a single click
Included in Core Included in Pro
URL redirection
Redirect old URLs or make your own URL shortener with features far beyond Joomla!'s
Not Included in Core Included in Pro
Scheduled cleanup
Scheduled automatic cleanup of your temporary directory and sessions table
Not Included in Core Included in Pro
PHP File Change Scanner
Monitor your site for changed or added PHP files and assess their potential for malicious behaviour
Not Included in Core Included in Pro
.htaccess, NginX Configuration and web.config Maker
Disable directory listings
Not Included in Core Included in Pro
Protect against common file injection attacks
Not Included in Core Included in Pro
Disable PHP Easter Eggs
Not Included in Core Included in Pro
Block access to security-sensitive files
Block access to files such as htaccess.txt, configuration.php-dist and php.ini in your site's root
Not Included in Core Included in Pro
Block specific user agents
Not Included in Core Included in Pro
Block direct access to PHP files
Protection against direct access to PHP files. It can even block access to uploaded hacking scripts, mitigating the attack.
Not Included in Core Included in Pro
Force index.php parsing before index.html
Not Included in Core Included in Pro
Optimise expiration time
(good for SEO)
Not Included in Core Included in Pro
compress static resources
Automatically compress static resources such as images, CSS, JS
Not Included in Core Included in Pro
Redirect index.php to site root
Not Included in Core Included in Pro
Redirect www / non-www
Redirect www to non-www, or non-www to www site, e.g. Example Domain to Example Domain
Not Included in Core Included in Pro
Redirect old domain name to new domain name
Not Included in Core Included in Pro
Force HTTPS for specific URLs
Force HTTPS even when Joomla! doesn't let you to
Not Included in Core Included in Pro
Force HSTS header
Increase HTTPS security by forcing HSTS header
Not Included in Core Included in Pro
Web Application Firewall
Customised exceptions
Down to the component, view or query string level
Not Included in Core Included in Pro
Full logging of security exceptions
Not Included in Core Included in Pro
E-Mail Notification at security exception
Send out an email when a security exception occurrs
Not Included in Core Included in Pro
Geographic Blocking
Prevent access to your site by specific countries or continents
Not Included in Core Included in Pro
IP black-listing
Prevent access to your site by specific IP addresses or blocks of IP addresses
Not Included in Core Included in Pro
Administrator IP whitelist
Only allow access to your site's administrator section by specific blocks of IP addresses
Not Included in Core Included in Pro
Administrator secret URL parameter.
You can only see the administrator login page if you append ?secretWord to the URL (the secret word is customisable)
Not Included in Core Included in Pro
Change administrator login URL
(e.g. use http://www.example.com/mylogin instead of http://www.example.com/administrator)
Not Included in Core Included in Pro
Login E-Mail Notification
Send email on successful or failed administrator login
Not Included in Core Included in Pro
Customisable email templates and rate throttling for Admin Tools emails
Not Included in Core Included in Pro
Forbid front-end Super User login
Forbid front-end Super User login to deter brute-force password cracking
Not Included in Core Included in Pro
Monitor or forbid front-end Super User creation
Notify about the front-end creation of Super Users, or completely forbid it
Not Included in Core Included in Pro
Monitor or forbid extension and Joomla! configuration
Notify or prevent changing the Joomla! and/or extension configuration parameters.
Not Included in Core Included in Pro
SQLiShield protection
Against SQL injection attacks
Not Included in Core Included in Pro
Cross Site Scripting block
(XSSShield)
Not Included in Core Included in Pro
Malicious User Agent block
(MUAShield)
Not Included in Core Included in Pro
CSRF/Anti-spam form protection
(CSRFShield)
Not Included in Core Included in Pro
Remote File Inclusion block
(RFIShield)
Not Included in Core Included in Pro
Direct File Inclusion shield
(DFIShield)
Not Included in Core Included in Pro
Uploads scanner
(UploadShield)
Not Included in Core Included in Pro
Anti-spam filtering
Based on Bad Words list
Not Included in Core Included in Pro
Hide/customise generator meta tag
Not Included in Core Included in Pro
Block access to Joomla! extensions installer
Not Included in Core Included in Pro
Disable editing backend users' properties
Not Included in Core Included in Pro
X-Content-Encoded-By HTTP header content for GZip compression customisation
Not Included in Core Included in Pro
X-Powered-By HTTP header override
Not Included in Core Included in Pro
Block tmpl=foo system template switch
Not Included in Core Included in Pro
Block template=foo site template switch
Not Included in Core Included in Pro
Project Honeypot's HTTP:BL integration
Integration with Project Honeypot's HTTP:BL anti-spam / anti-hacker IP blocking directory
Not Included in Core Included in Pro
Auto-ban IPs
Auto-ban IPs causing excessive security exceptions (fully customisable)
Put your site securely off-line in the case of an attack
Included in Core Included in Pro
Master Password
Prevent that client from breaking their site by »doing nothing«
Included in Core Included in Pro
Customize Permissions
ACL: fine-grained permissions, controlling which Admin Tools features each user can access.
Included in Core Included in Pro
Administrator Directory Protection
Protect access to your administrator directory with a username and password.
Included in Core Included in Pro
Change File & Folder Permissions
Easily change the permissions of all files and folders on your server. Permissions are fully customizable.
Included in Core Included in Pro
On-the-fly link rewrite
Automatically rewrite links to point to your new site. Optionally convert HTTP links to HTTPS.
Included in Core Included in Pro
One click temporary files cleaning
One-click purge of your temporary directory
Included in Core Included in Pro
Database collation change
Change your database collation
Included in Core Included in Pro
Repair and optimise tables
Repair and optimise all of your site's tables
Included in Core Included in Pro
Sessions table purge
Purge and optimise the sessions table with a single click
Included in Core Included in Pro
URL redirection
Redirect old URLs or make your own URL shortener with features far beyond Joomla!'s
Not Included in Core Included in Pro
Scheduled cleanup
Scheduled automatic cleanup of your temporary directory and sessions table
Not Included in Core Included in Pro
PHP File Change Scanner
Monitor your site for changed or added PHP files and assess their potential for malicious behaviour
Not Included in Core Included in Pro
.htaccess, NginX Configuration and web.config Maker
Disable directory listings
Not Included in Core Included in Pro
Protect against common file injection attacks
Not Included in Core Included in Pro
Disable PHP Easter Eggs
Not Included in Core Included in Pro
Block access to security-sensitive files
Block access to files such as htaccess.txt, configuration.php-dist and php.ini in your site's root
Not Included in Core Included in Pro
Block specific user agents
Not Included in Core Included in Pro
Block direct access to PHP files
Protection against direct access to PHP files. It can even block access to uploaded hacking scripts, mitigating the attack.
Not Included in Core Included in Pro
Force index.php parsing before index.html
Not Included in Core Included in Pro
Optimise expiration time
(good for SEO)
Not Included in Core Included in Pro
compress static resources
Automatically compress static resources such as images, CSS, JS
Not Included in Core Included in Pro
Redirect index.php to site root
Not Included in Core Included in Pro
Redirect www / non-www
Redirect www to non-www, or non-www to www site, e.g. Example Domain to Example Domain
Not Included in Core Included in Pro
Redirect old domain name to new domain name
Not Included in Core Included in Pro
Force HTTPS for specific URLs
Force HTTPS even when Joomla! doesn't let you to
Not Included in Core Included in Pro
Force HSTS header
Increase HTTPS security by forcing HSTS header
Not Included in Core Included in Pro
Web Application Firewall
Customised exceptions
Down to the component, view or query string level
Not Included in Core Included in Pro
Full logging of security exceptions
Not Included in Core Included in Pro
E-Mail Notification at security exception
Send out an email when a security exception occurrs
Not Included in Core Included in Pro
Geographic Blocking
Prevent access to your site by specific countries or continents
Not Included in Core Included in Pro
IP black-listing
Prevent access to your site by specific IP addresses or blocks of IP addresses
Not Included in Core Included in Pro
Administrator IP whitelist
Only allow access to your site's administrator section by specific blocks of IP addresses
Not Included in Core Included in Pro
Administrator secret URL parameter.
You can only see the administrator login page if you append ?secretWord to the URL (the secret word is customisable)
Not Included in Core Included in Pro
Change administrator login URL
(e.g. use http://www.example.com/mylogin instead of http://www.example.com/administrator)
Not Included in Core Included in Pro
Login E-Mail Notification
Send email on successful or failed administrator login
Not Included in Core Included in Pro
Customisable email templates and rate throttling for Admin Tools emails
Not Included in Core Included in Pro
Forbid front-end Super User login
Forbid front-end Super User login to deter brute-force password cracking
Not Included in Core Included in Pro
Monitor or forbid front-end Super User creation
Notify about the front-end creation of Super Users, or completely forbid it
Not Included in Core Included in Pro
Monitor or forbid extension and Joomla! configuration
Notify or prevent changing the Joomla! and/or extension configuration parameters.
Not Included in Core Included in Pro
SQLiShield protection
Against SQL injection attacks
Not Included in Core Included in Pro
Cross Site Scripting block
(XSSShield)
Not Included in Core Included in Pro
Malicious User Agent block
(MUAShield)
Not Included in Core Included in Pro
CSRF/Anti-spam form protection
(CSRFShield)
Not Included in Core Included in Pro
Remote File Inclusion block
(RFIShield)
Not Included in Core Included in Pro
Direct File Inclusion shield
(DFIShield)
Not Included in Core Included in Pro
Uploads scanner
(UploadShield)
Not Included in Core Included in Pro
Anti-spam filtering
Based on Bad Words list
Not Included in Core Included in Pro
Hide/customise generator meta tag
Not Included in Core Included in Pro
Block access to Joomla! extensions installer
Not Included in Core Included in Pro
Disable editing backend users' properties
Not Included in Core Included in Pro
X-Content-Encoded-By HTTP header content for GZip compression customisation
Not Included in Core Included in Pro
X-Powered-By HTTP header override
Not Included in Core Included in Pro
Block tmpl=foo system template switch
Not Included in Core Included in Pro
Block template=foo site template switch
Not Included in Core Included in Pro
Project Honeypot's HTTP:BL integration
Integration with Project Honeypot's HTTP:BL anti-spam / anti-hacker IP blocking directory
Not Included in Core Included in Pro
Auto-ban IPs
Auto-ban IPs causing excessive security exceptions (fully customisable)
Documentation
Last edited by a moderator: