SSL Labs Score

Any jackwagon can go to your website and type /administrator - that sucks.

AdminExile puts a stop to drive-by (and more serious) attempts to access /administrator. By using URL access keys (query parameters), attempts to access your /administrator login page will be met with either a redirect to your homepage, a 404 error, or a redirect somewhere else (I recommend https://www.nsa.gov or redirecting them to a huge file download like a Linux ISO image, that's always fun).

AdminExile Blocked Attempts

High volume attacks (hundreds and even thousands of hits) may drown out the lower volume attempts. There is rarely an hour where there are no attacks.

As you can see, the attacks come in waves. These numbers are coming from server logs generated by the logging feature of the 3 series. I put my server at risk by not blocking these attempts with the brute force protection feature - partly because I want this graph to reflect actual attack patterns, and partly because my AdminExile access keys are ridiculously long non-words.

Attackers eventually give up, because AdminExile doesn't give them any feedback. They must wonder - is this even a valid URL?

This image updates automatically every 5 minutes.

Packed with features (even the free version), AdminExile exists to serve one purpose - to protect your /administrator login page.

AdminExile Features:

Version 3.14 Features Free Pro
/administrator key and/or key+value URL Protection    
Prevent /administrator session cookie    
Block configured users from frontend login*    
Lost/Forgotten Link Recovery    
Failure Logging    
IPv4/6 Whitelist with CIDR capability    
IPv4/6 Blacklist with CIDR capability    
Bruteforce Detection and Blocking    
Bruteforce Notification Email    
Live data reporting    
    Download   36

Bug Reports

Documentation: Online

Total reviews: 138
Overall
Functionality
Ease of Use
Support
Documentation
Value for Money

*As of Joomla 3.7 - Frontend Restrictions are not operational. I am working on a solution to restore this functionality.


Discuss this article in the forums (15 replies).

Paid Extension FAQ

What am I buying?
  • The extension
  • One year of updates
  • Support
Do you still support free versions?
Only bugfixes
Can I install the extension on multiple sites?
Go for it
Can I give a copy to my friend?
While this is ethically wrong, there is no easy way for me to stop it. However, if your friend wants support he should call you - because I won't talk to him unless he purchases the extension.
What happens to the extension at the end of the year?
Nothing. It remains installed and configured, it just stops receiving updates and support is suspended.
What if I give you an idea that you turn into a paid extension?
You'll be given a lifetime subscription for that extension.