HTProtectServer ShieldJoomla Security – always up to date.
Backend access (/administrator)
No additional protection active
Recommended: an additional web server password prompt blocks brute-force attacks before Joomla even starts.
Warning:
/administrator is not writable for PHP – setup will probably fail.Emergency mode – lock the entire site
Extends the password prompt to the entire site (same credentials as the backend protection). Every visitor then sees a browser password prompt. Ideal for cleaning up after a hack or for a staging phase. Warning: While emergency mode is active, Joomla updates and automatic calls (cron/webhooks/payment callbacks) are blocked too.
Set up backend protection first Emergency mode uses the credentials of the backend protection.
Protection works on Apache and LiteSpeed servers (mod_rewrite). Before every write a backup is made automatically; a self-test with auto rollback catches server incompatibilities. Donate