Joomla brute force protection

AA-00407

It has now became common to see more than 1 botnet trying to hack numerous Joomla sites at any given time.

The attackers appear to use a bot to 'brute force' guess the passwords for your admin user on the Joomla system.

To thwart this ongoing attack we have added global Joomla brute force protection.

When you access your Joomla admin area you will be presented a screen that looks like the following :

In this example in the username box you would enter

bc19ip

and in the password field

23

You will then gain access to the login box for wordpress.

If this causes problems with your site, or you do not want this super protection, you can add the following to the .htaccess file in your Joomla administrator folder


Satisfy Any

This single line added to a .htaccess file in the 'administrator' folder  will disable the protection for your Joomla.