Prevent one or more user groups from changing their passwords! Enforce static passwords for selected groups. A similar extension exists for J1.5, but since it hadn't been updated - I created a 2.5 compatible version. Usage is simple - enable the plugin after selecting which user groups will be prevented from password changes. When saved, the users in those groups will not be presented with the...

EXP PassField is a javascript that simplifies creation of sophisticated password fields. *** Version 1.2 *** Add warning tells you all of the rules...

CMS-Scurity Component is a stunning Security & Firewall extensions which does not only looks good but also provide security options for your website! Every modern website needs a Firewall which will protect the sensitive data and users with advanced firewall mechanisms. Advanced and stunning looking dashboard with informative security and firewall options. Simple check lists will help you find sec...

With this plugin, you can notify your users if they intend to use a password that was previously compromised or "pwned" in a data breach. You can even define whether your website allows such passwords or rejects them. To provide this service the plugin refers to the "Have I been pwned" API ( https://haveibeenpwned.com/ by Troy Hunt). When a new user registers and submits a password (or an existin...

WEBSITE BLACKLIST CHECK AND MONITOR Google blacklists more than 12,000+ websites every day. You can loose up to 99% of traffic if your website has been blacklisted. Google protects its users from dangerous websites that may show up in search results and if your website has dangerous behaviour it gets banned by Google and you loose customers and visitors. Google Chrome blocks all your visitors fro...

The System - Content Security Policy plugin(s) bring this much needed security functionality to Joomla. The fun doesn't stop there - this set of plugins also implements the report-uri feature of the CSP. You can capture your own csp-report via the included AJAX plugin, and have it sent to you nightly using the included CLI script. If you want to browse the data - the AJAX plugin offers a handy...

ochStopDMR - Stop User Registrations with Disposable Mail addresses on your website! Are you tired of people using disposable email addresses to register on your website? Do you want to protect your users from spam and abuse? Then you need ochStopDMR! What is ochStopDMR? ochStopDMR is a Joomla! system plugin that prevents users from registering on your website using disposable email addresses....

SSL Fixer make your site HTTPS compatible without need to change any http (unsecure) URL even if your have external links Features 1) Replaces all internal urls from http to https 2) Replace all KNOWN ssl hosts from http to https (like fonts.googleapis.com). You can add more SSL host in the parameters 3) Fixes unsecure external hosts (domains without ssl support) fetching the content of resource...

FetchMetadata Plugin This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers (w3c-spec) Features This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers The implemened rules are: - Step 1: Allow requests from browsers which don't send Fetch Metadata - Step 2: Allow same-site and browser-initiated requests - Step 3: Allow simple top-...

Force2faUsergroup Plugin This plugin allows to force users to set up 2FA in a specific user group. Features This plugin allows to force users to set up 2FA in a specific user group. Setup the groups to force a 2FA setup on the next login. Configuration Initial setup the plugin Download the latest version of the plugin Install the plugin using Upload & Install Enable the plugin System...

HaveIBeenPwned.com compromised passwords check. HaveIBeenPwned.com is project gatehring informations about password breaches, and collecting compromised passwords. It means, if your password (not necessarily password of your account) was somewhere published by hackers, who hacked some passwords database, it will be listed there. And if so, the password is propably not secure anymore. n3t HaveIBe...

Add additional checks to your favourite Captcha Solution. This plugin when published as main Captcha plugin is able to - randomly rotate other Captcha plugins - check visitors IP address against Blacklists (StopForumSpam.com, SpamHaus.org, Sorbs.net, SpamCop.net, UceProtect.net, DroneBl.org, BotScout.com, Project HoneyPot, manually defined blacklist of IPs or IPs range) - check registered user em...

Joomla >= 4 only Backdoor is the Joomla 4/5 kompatible Version of the famous AdminExile plugin from Michael Richey (RicheyWeb). Backdoor protects your backend / administration part of your site by using URL access keys (query parameters). So, attempts to access the administrator login page will be met with either a redirect to your homepage, a 404 error, or a redirect somewhere else. This is e....

Joomla OAuth Single Sign-On (SSO) | Login into Joomla using OpenID Connect The Joomla Single Sign-On (Joomla SSO OAuth 2.0) with OAuth & OpenID Connect plugin facilitates seamless SSO/login with various OAuth Providers, enabling users to log into Joomla sites using their OAuth provider credentials such as Azure AD, Azure B2C, Office 365, Keycloak, and many more. Key Features Support for Multip...

AskMyAdmin prevent login to back-end of site till entering correct key=value pair. This is an extended version of plg_backendtoken plug-in. Main idea of this plug-in - to prevent login to administrator's panel by using standard URL. It will hide your admin part of site. Supported platforms Plug-in works on Joomla 3.x This plug-in is ready for Joomla 4 Alpha Supported languages English (en-...

With Joom2static you can create a static HTML website from Joomla. With included optimizations for minify and combine JS/CSS + image optimization via TinyPNG. Joom2static support Joomla category (blog layout) and multilingual and creates simple and nice folder/files structures. Why would you want a static html page instead of a full fledged Joomla CMS installation? Speed! – with no database a...

DataSafe Pro is professional database backup. It generates a snapshot of your full Joomla database, which allows you to quickly revert your content, whenever you want. It's ideal for creating a quick backup before you start any changes to your website. And to restore your Joomla database from a backup it's easy. Either select a DataSafe backup stored online, or upload a backup stored on your lo...

The Password Control system plugin enforces password changes upon registered site users. The change can be enforced for the initial (first) connection only, and/or for periodic changing. Optionally the users can be redirected back to the home page when a password change is enforced. There is the ability to define 'exempt' users, i.e. users for whom the administrator does not want to enforce pass...