SSL Labs ScoreSecurityHeaders.io ScoreHSTS Preloaded

System - Article Hits 1.0

Overview

Edit the hit counter of your Joomla articles.

Installation

  1. Download System - Article Hits from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit http://www.richeyweb.com and use the search feature - search for "System - Article Hits".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "System - Article Hits".

Configuration

There is no configuration necessary. Enable the plugin and the article hits field within the content editor becomes available to edit. Save your article with the altered hits value.

HELP

Please report any bugs.

Discuss this article in the forums (0 replies).

Authentication - Session Limit

Overview

Limit the concurrent logins by ACL for your website. It's possible to prevent multiple simultaneous logins and put a stop to username sharing.

Installation

  1. Download Authentication - Session Limit from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit http://www.richeyweb.com and use the search feature - search for "Authentication - Session Limit".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "Authentication - Session Limit".

Before you enable the plugin, in the Plugin Manager, filter the plugins by type and choose "Authentication". Click the first heading in the list (AKA the ordering column) which enables the order handles (three vertical dots). Drag the "Authentication - Session Limit" item to the top of the list. It MUST run before other authentication plugins.

Configuration

Choose an immune ACL in the "Immune" configuration field. Users who match this ACL will not be held to any limit imposed by this plugin.

Create limits by adding a new row, selecting an ACL, and entering a limit.

HELP

Please report any issues in the forums.

Discuss this article in the forums (0 replies).

System - Software Log

Overview

Installation

  1. Download System - Software Log from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit http://www.richeyweb.com and use the search feature - search for "System - Software Log".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "Software Log". Enable both the System and Ajax plugins.

Configuration

Enable additional logging methods if wanted. This step is unnecessary for database logging.

HELP

Report issues in the forum or using the ticket system.

Discuss this article in the forums (0 replies).

System - Required Fields

Overview

The System - Required Fields plugin performs several functions:

  1. Enforces field requirements for users in the front-end.
  2. (optionally) Removes field and revisit requirements for specified fields and user groups in the front-end.
  3. (optionally) Removes field requirements for specified fields in /administrator. It may also optionally
  4. (optionally) Enforces a revisit interval, requiring users to re-fresh their profile fields at a specified interval (number of days)

Installation

  1. Download System - Required Fields from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit http://www.richeyweb.com and use the search feature - search for "System - Required Fields".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "System - Required Fields".

Configuration

Choose Ignore Groups

For selected user groups:

  • Fields selected in the "Un-Require" configuration are no longer required
  • If the "Revisit Interval" is greater than 0, the revisit requirement is removed.

Choose which fields are Un-Required in /administrator

Selected fields are no longer required when editing a user profile in /administrator . Additionally, these field requirements are removed for members of "Ignore Groups".

Select the Edit Menu Item

When a user has an un-filled required field, the user is redirected to this menu item. Select the profile edit item from your menus.

Enter the Revisit Interval

If this value is non-zero, at login - at this freshness interval, users will be required to visit the profile edit page (specified in the Edit Menu Item setting above). If they have not saved their profile in this number of days or more, they are required to visit and save their profile.

Users who are members of "Ignore Groups" are not required to meet this revisit requirement.

HELP

Discuss this article in the forums (2 replies).

System - Content Security Policy

Overview

It's been said that a good Content Security Policy is the most important security measure you can take to protect your clients after switching to SSL. This plugin aims to make that implementation as easy as possible.

Installation

  1. Download System - Content Security Policy from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit http://www.richeyweb.com and use the search feature - search for "System - Content Security Policy".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "Content Security Policy". Begin configuration with the AJAX plugin

Configuration

AJAX Plugin

AJAX plugin configuration is only required if you wish to receive reporting data from clients. If you're not interested in receiving this data - you can skip this step and move on to the System plugin configuration below.

The only required setting to use the report gathering features of this plugin is to authorize your referrer (your domain name) as a source of data. If you haven't canonicalized your name, you should put both the www and non-www versions into the configuration:

www.example.com and example.com

If you choose to implement the CLI CRON job, you will need to have at least one recipient.

The final option causes the CRON job to delete the matched items after it emails them.

CRON Job

Users who are able to create CRON jobs on their server can use this feature to send an email to selected recipients. The script is designed to send the reports from the previous day as a CSV file. There is no use running it more than once per day, as it only returns data from the previous day. You will need to create your CRON job to run in the Joomla "cli" directory - and simply run "php csp.php"

System Plugin

The configurations are extensive and complex. Each item label is a link to the documentation for that type of directive. Refer to the documentation if you are unsure about how CSP works.

HELP

Someone will need it - go to the forums or open a support ticket.

Discuss this article in the forums (2 replies).