I propose blocking all access to Joomla's administrator login page and front-end user login (if you don't use it) because I constantly see a-hole bots in my logs trying to hack my site. Add these lines to the Nginx site configuration.# DENY ACCESS TO JOOMLA ADMIN location ~* /administrator.* { deny all; }# DENY ACCESS TO JOOMLA USER LOGIN location ~* /component/user.* { deny all; }
Now how do you access the Joomla administrator login page?? Serve your site on another port using a simpler configuration, then setup your firewall to only allow your IP to access that port.
Related Articles
Joomla - Checklist for Moving ...
* Remove web directory protection entries * Rsync files to the new location * Change Apache root folder settings * Redo web directory protection entries * U...
How To Build an Ubuntu Web Ser...
The following is a task outline for building an Ubuntu-based web-server to run Joomla and JomSocial. I created this for my own notes, so apologies if it's...
Ubuntu 24.04 Nginx Build Outli...
I re-built my LEMP web-server fresh on Ubuntu 24.04 and learned some things along the way. This is my base build outline mostly created for my own notes. INS...
Joomla Running on Nginx and Ub...
What follows is an outline I compiled while researching how to tighten security on a Nginx web server. NOTE 1: Ubuntu 14.04 LTS was used for this. NOTE 2: This ...