Joomla extensions have moved!

Galaxiis (formely creates industry leading premium Joomla Extensions and is the longest running Joomla extensions provider since 2005.

Powerful Joomla extensions. - Excellent documentation. - Amazing support.

Visit now

A Patch to protect Mambo administrator login page against brute force password attack!

How it is working?

  1. It is a component com_hashcash containing alls script to create a MD5 key in PHP and javascript, and verifying a challenge.
  2. The server is sending inside a hidden field a MD5 value which is directly linked to the server, user sessionid, time.
  3. The client will have to encrypt with a MD5 javascript (costly cpu operation for a spammer) the value of this hidden field and send it back to the server as hidden field name.
  4. If the test is not succesful, the spammer will get banned for 60seconds.
  5. All successful/unsucessful submit are logged in a file.
  6. When the file get bigger as 64kb, an email is sent to the admin.

This component has no administration panel! Simply overwrite the file on Your server with the content of the zip. A component package install is on the way.

Original Mambo file affected for the login page:

  • /administrator/index.php <- add verification of the challenge
  • administrator\templates\mambo_admin\login.php <- insert hidden fields, and reference to MD5 javascript
  • administrator\templates\mambo_admin_blue\login.php <- insert hidden fields, and reference to MD5 javascript

  • Many cryptographic algorithm, SHA1 on the way,
  • A mambots for changing on the fly all FORM before submit,
  • Ako_comment has been already patched, and  tested -> Waiting OK from Arthur Konze for releasing.
  • Ako_guestbok must be changed
link in download section...

You might like also

3 New Icons Packs for AKoComments 2.5
Attention: I did not rename the inserted tag correctly (I mean there is no grammar across settings.php) that means that migration from one theme to the other can be difficult. If someone want to invest some time and identify each smileys in each pack and assign the good description in settings.php.... for example a smiling smyleys should have : - )click more for pictures.....available in download section...enjoy! …
5468 Days ago
No Thumbnail was found
Your project registration for MamboForge has been approved.Project Full Name: hashcash for Mambo - cryptographic fwProject Unix Name: hashcashCVS Server: Shell/Web Server: visit it at …
5470 Days ago
AkoComment 2.5 unofficial release in Download section
with antispamming and smileys skinning facilities...Not endorsed by Arthur Konze, All credits to Athur Konze. …
5470 Days ago
No Thumbnail was found
Your project registration for MamboForge has been approved. Project Full Name: Log4PHP for Mambo - logging framework Project Unix Name: log4php4mambo CVS Server: Shell/Web Server: log4php4mambo.mamboforge.netIntegration of the famous LOG4J technology into Mambo Help any components, modules, mambots to have a way to create accurate informations in server logs files: Concepts: Origine of code: …
5471 Days ago
Ako comment smileys icons pack
I've slightly modified ako_comment to accept smileys packages....All You have to copy a new directory in \components\com_akocomment\packs\A smileys package MUST contain a file settings.php, for example I have a components\com_akocomment\packs\exoticThe name of the package will have to be save in the admin panel<?php $smiley[':cats'] = "cats.gif"; $smiley[':doctor'] = "doctor.gif"; $smiley[':cry'] = "cry.gif"; $smiley[':mad'] = "mad.gif"; $smiley[':eek'] = "sm12.gif"; $smiley[':upset'] = "sm25.gif"; $smiley[':zzz'] = "sm_sleep.gif"; $smiley[':vroum'] = "VroumVroum06.gif";?>This will let You choose very easily your own smileys...Expect a release tomorrow in …
5472 Days ago
Mambo com_akocomment antispam patch
Comments are welcomed!Here we go....I've patched the component Ako comment of Arthur Konze with a hashcash technology....:A new form hidden field:with a random name (Hname),with a random MD5 value (Hvalue),is now send to the user.If the user want to submit a comment, a browser has to:Locate the random hidden field name (Hname) with javascript: (function replace())Rehash with a javascript MD5 the hidden field value (Hvalue) (and this is time consuming for spammer :-) )and send everything to server.If the spammer …
5474 Days ago
No Thumbnail was found
I use previously Jedit ( and reach the limit very fast (no versionning, no helper, nothing...) I recommend to any serious developer to install:Eclipse from freePHPEclipse plugin from phpeclipse freeA concurent versionning system: CVS fro windows CVSNT freeA runnable Mambo environment like EasyPHP free …
5477 Days ago
No Thumbnail was found
Log4PHP Sick of echo "" and useless debug or error statement in PHP logs? Log4PHP is the famous brother of Log4J, and therefore it is a must for every average developer. I have packed log4PHP into a Mambo component. Enjoy!!!TODO: provide a editor for the configuration file inside the administration panellink in download section.... …
5477 Days ago
No Thumbnail was found
So I have just finished and test the integration of a hashcash challenge (MD5) into the com_akocomment component...using the code of this page only an extract but all credit to original authors:C.S. - www.cimmanon.orgGene Shepherd - www.imporium.orgJohn F -www.stonegauge.comMagenson - Mullenweg - photomatt.netMatt Warden - www.mattwarden.comPaul Andrew Johnston - to Arthur Konze, the author of com_akocomment : This email address is being protected from spambots. You need JavaScript enabled to view it. must also pack everything into a new version of the component or better say refactored the code a little …
5480 Days ago
No Thumbnail was found
SiteMap component (aka com_jm_sitemap) use on my homepage release in download section under GNU General Public License. You can find a living example in main menu under SiteMap/TOC).all credits goes to Copyright (C) James Mayer, Portland, OR USAChangelog: - reformating of source code, - add creation date for articles - add hits for articles - change pictures color and motifFuture:- different news icons for articles newer than 1 week, 1 months. - backend admin panelKnow bugs: - do not use …
5526 Days ago