Support

Admin Tools

#22773 secret URL parameter custom redirect?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Thursday, 11 June 2015 07:22 CDT

eclipsemedia
 We have just updated from J-Secure to Admin Tools. The one thing we enjoyed about J-Secure was the ability to add a custom redirect for failed secret URL parameter. The reason why we need it, it because we have many sites and admins and if they saw a custom message when attempting to login there admin area, it would allow them to request the proper URL parameter, otherwise they would assume there is a problem with their site

nicholas
Akeeba Staff
Manager
Hm, but that completely counters the idea of the secret word protection. The idea is that an attacker should not know if the /administrator directory exists or not, hence the redirection to root. Adding a custom redirection, especially one with a message, tells the attacker he should keep guessing a secret URL parameter. For this reason we're not going to implement the requested feature.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!