Support

Hi Olly,

RSFirewall and Admin Tools have overlapping features. They do pretty much the same, in a different way. I disagree with the way RSFirewall handles requests (IMHO you should never screw around with backend requests) and php.ini settings, that's why I'm not doing that in Admin Tools Pro. If you have Admin Tools Pro you don't need RSFirewall. In fact, if you have both then I can't provide support because it will be impossible to tell which security extension causes an issue. I've had too many cases of people sending me angry support requests only to find out that the problem was caused by RSFirewall, not Admin Tools.

Regarding Lock Down mode we call it "Emergency Off-Line" and works much more efficiently and effectively.

or is your component all we need to prevent hacks?

Never, ever, should any developer in his right mind claim that his software is all you need to prevent hacks. First and foremost you need what I call a working brain: the ability to understand that security is a continuous process, not something you install and forget about it. For more information please read our Unhacking Your Site walkthrough and search the Internet for one of my numerous Joomla! Site Security presentation videos in Joomla! Days around the world. Admin Tools Professional is a tool which will help you secure your site, but it's not enough. At the very least you need to take care of ownership and permissions, run routine security audits (www.joomla-security.com is a very good third party service which I personally trust) and have automated, frequent and routinely tested backups. Be vigilant. That's how you remain secure.

Ie lets say you have a joomla 1.5 site which doesn't need updating (just like a static site but built in joomla), is there anything that can be done so nothing can be changed (without a password) and no matter what anyone does they can't make changes to the site without that password, not even a hacker.

No. Anyone who says it's possible and 100% secure is lying. I can think at least three different ways this could be bypassed. Besides, it's not possible to frankly say that you have a magic way which will prevent any change in any data of all versions of each and every free, commercial or custom extension written for Joomla! up to this date. Just testing that claim would require a staff of hundreds, several months and several millions of dollars.

I will say it again. Security IS NOT something you can install and forget about it. Anyone saying otherwise is trying to con you. There is no such thing as an unhackable computer system. At best, you can tweak a system so that the effort required to hack it costs much higher than what the attacker will gain. This is the exact reason there are hordes of hackers attacking secret agencies around the world and this is the exact reason why an adequately protected small site doesn't get hacked (unless the entire shared server is compromised, of course).