ZipFish Web Design and Hosting, South Wales
Web design, maintenance and support

Padlock on red backgroundI've been experimenting with a plugin offering a further layer of security for the admin login, and so far it's worked well to prevent automated attempts to access the admin area with stolen logins. This kind of attack is an increasing problem: I'm notified by email every time there's a failed login attempt on a Zipfish site, and they come in their hundreds every day. The plugin works by adding a password to the URL for the admin login, so instead of going to http://www.mywebsite.com/administrator/index.php you'd go to something like http://www.mywebsite.com/administrator/?UnguessablePa88word . That small change means that the automated scripts bombarding sites with stolen logins won't be able to find the login form.

Is it worth adding such a plugin, and how much of a threat do these attackers really pose? Well, if you've used the same username and password on another site and that site's been hacked and its data stolen, you could be in trouble. Even if your login hasn't been stolen, it may be 'guessed' - not by a human being, but by software generating millions of combinations per second. But whether or not the login attempts are successful, they impact on server resources and could slow the site down, which in turn negatively affects search engine ranking. For the small inconvenience of bookmarking or remembering a new login address, this seems to me like a precaution well worth taking, and I'll be offering it to the Zipfish site owners whose sites are most badly affected.

Tip: if you've just realised that your password could have been stolen, here's a free tool for generating a new one: https://identitysafe.norton.com/password-generator/#

What you need to know

Why use a CMS?

A Content Management System (CMS) makes it possible for anyone who can use word processing software to edit their own website

Read more

About Joomla!

Our sites are based on the powerful and flexible content management system Joomla!, which is freely available for use under a GNU/GPL license

Read more

About Open Source

The Open Source Initiative is maintained and constantly improved by a worldwide community of developers who give their time and skills free of charge.   

Read more

About domain names

A domain name is a unique identifier that enables browsers to locate your website on the internet.

Read more

About webhosting

To be available to internet users, the files that make up your website must be hosted on a 'server'.

Read more

Extending your website

There are thousands of add-on components, modules and plugins available to extend Joomla's functionality.

Read more

What about content?

Writing for the web is a special skill, and we understand that not everybody who needs a website will have experience in this area.

Read more

What will my website cost?

Every website is different, and we quote for each one individually and free of charge after extensive discussion.

Read more

What happens next?

If you'd like to talk informally about what a website could do for you, please contact us via the email form on the Contact page.

Read more