How to secure the administration section of Joomla?

  1. go to the website directory and then to the ‘administrator’ directory;
  2. create .htaccess file with the contents as follows:

    DirectoryIndex index.php
    AuthType Basic
    AuthName "please use your control panel password"
    AuthUserFile .../users
    Require valid-user
  3. while in the same ‘administrator’ directory, create an .htpasswd file. This file will store the login and password (as a hashed representation). In the future, it will be possible to access the secure directory only with these login and password;
  4. to create a login-password combination, follow the link. Enter the login and password and click Create .htpasswd file. Copy the result and save it to the previously created .htpasswd file.


Please note that the password in the .htpasswd file will be stored in a form of hashed representation. When accessing the secure directory, you will need to specify this hash rather than the password itself.

How to change the password? How to add a new user?

To change a password, you will need to simply repeat the password generation procedure using the same login. Online Generator. To add a new user, just generate a new login-password combination and add it to the .htpasswd file from a new paragraph.

How to remove an authentication form?

If there is no need for an authentication form any more, just comment out the lines that have been added to the .htaccess file previously. To do so, place a # character at the beginning of every line in question. Another option would be to simply delete all the relevant lines.