Hi
!
You know jSecure Authentication module for Joomla?"Joomla has one drawback, any web user can easily know the site is created in Joomla! by typing the URL to access the administration area (i.e.
www.sitename.com/administration). This makes hackers hack the site easily once they crack id and password for Joomla!. Information: jSecure Authentication module prevents access to administration (back end) login page without appropriate access key."
I have create a kind of jSecure Authentication module for OpenGoo:
OpenGoo Secure URI Key AccessFirst of all you must create a
new file and put it into OpenGoo root directory (where is the index.php file):
access.php<?php
// ---------------------------------------------------
// Choose your Access URI Key value
// ---------------------------------------------------
$URIpassword= 'myaccesskey';
// ---------------------------------------------------
// Check the Access URI Key value
// ---------------------------------------------------
if((preg_match("/opengoo\/*access.?\.php$/", $_SERVER['SCRIPT_NAME']))) {
if($URIpassword != $_SERVER['QUERY_STRING']) {
print('Access Danied!');
die();
} else {
session_start();
$_SESSION['AccessKey'] = 1;
header('Location: ../index.php');
exit;
}
}
?>
Then you must add at row n.3 of
index.phpthis code:
// Check AccessKey
session_start();
if (!isset($_SESSION['AccessKey'])) {
echo("Access Danied!");
die();
}
Then you must modify at row n.35 of
environment.phpwith this:
if (!isset($_SESSION)) { session_start(); } // Start the session
Now if you try to enter here:
http://www.yourdomain.com/opengoo/index.phpyou recived an error
If you can view the login page you must write at the end of the URL the string "access.php/?" and your "access key", for example:
http://www.yourdomain.com/opengoo/access.php/?myaccesskeyThat's all. Work for me with OpenGoo 1.4.1 version.
I hope that this is useful for you
.
If you have some question or ideas... email me.
bye
!
