This week we'll walk you through how to set up a little bit of extra security that will hide your Joomla Admin area from prying hackers and bots, requiring authentication to log in.

We're going to use a plugin called jSecureAuthentication.

Here's how you do it:

  1. Download the jSecureAuthentication plugin from Joomla Service Provider.
  2. In the administration area of your Joomla site, go to Extensions >> Install / Uninstall and upload the file to install.
  3. In the administration area of your Joomla site, go to Extensions >> Plugins and open the System - jSecure Authentication
  4. Enable the plugin, and on the right in the parameters insert your Key in the field - this will be your 'secret' key to use for authentication when accessing the Joomla admin area.
  5. Save the changes and log out of the admin. To get to your new admin area you will go to http://yoursite.com/administrator/?secretkey (don't forget the ? before the secret key)

Using this plugin you can also set a custom redirect so that if someone were to try and access the default admin area at /administrator you can customize the message.

*We'll take this opportunity to remind you that while this is another step to help secure your Joomla site, it is no replacement for keeping your Joomla core files AND your extension files up to date. Make sure you're running the most recent versions in order to have the most secure site.

Sign up for Joomla Training