Intrusion Detection System for Joomla! - Joomla! Plugin - Logo

JOOMLA 4.x JOOMLA 3.x FREE PRO

Name: Intrusion Detection System for Joomla! - Version: 3.0.0-FREE / 3.1.2.0-PRO / 4.0.0.0-PRO - Type: System Plugin - License: GPLv3
Description: A security layer for your Joomla! website

Overview of all downloads of the extension: IDSJ - Intrusion Detection System for Joomla! Downloads

Simple to use, well structured and fast security layer for Joomla!

Intrusion Detection System for Joomla! is a simple to use, well structured, fast security layer for your Joomla! website. The plugin recognises when an attacker tries to break your site and reacts exactly how you configure it.

Based on a set of approved and heavily tested filter rules provided by the PHPIDS project, any attack is given a numerical impact rating, and preselected actions are triggered to mitigate or stop the hacking attempt entirely.

Installation

Install the extension in the backend under Extensions. Set the desired settings in Extensions -> Plugins -> System - Intrusion Detection System for Joomla! - IDSJ.

The plugin has four intrusion detection actions:

The Email Action (PRO) allows you to send a notification email with detailed information to specified email addresses if the system detects an intrusion attempt. Note: This action can only be activated in the Pro version!

The Block Action (PRO) blocks IP addresses from accessing the Joomla! website entirely if they exceed the allowed number of intrusion attempts. All requests from blocked IP addresses are terminated directly by the plugin. After the specified block time, the IP addresses are removed from the lock list and can access the system as usual again. Note: This action can only be activated in the Pro version!

The Log Action logs all intrusion attempts into a text file on the server. You may find the log file under plugins/system/intrusiondetectionsystemjoomla/src/logs/log.txt. The file is not accessible via the browser; please connect to your server via (S)FTP to download it.

The Stop Application Action abruptly stops the execution of the Joomla! system and displays an error message if an intrusion attempt is detected.

Note: The plugin does not sanitise or filter malicious input but executes the selected actions if an intrusion attempt is detected. An IDS system should not be relied upon for sole protection in your environment! Use it as the first level of threat identification.

The plugin uses the Expose library for the checks: https://github.com/enygma/expose

Changelog

+ = Added - ! = Removed - ^ = Changed - # = Fixed

Joomla! 4.x

Version 4.0.0.0-PRO - 2021-08-27

  • + First Pro release for Joomla! 4.x based on IDSJ Pro version 3.1.1.1-PRO

Joomla! 3.x

Version 3.1.2.0-PRO - 2021-09-25

  • + Added Request-URI information to the log file and email notification. Thanks to Thomas L. for the feature request!

Version 3.1.1.1-PRO - 2021-04-19

  • ^ Added labels to the notification email
  • ^ Added request parameters to emails triggered by the user agent blocklist

Version 3.1.1.0-PRO - 2021-04-18

  • + Blocklist - User agents option - This option allows blocking requests from specified user agents. If such a request is registered, it is treated as an impact threshold excess, and the selected actions are applied.

Version 3.1.0.0-PRO - 2021-04-12

  • + Impact threshold - Direct block option for Block Action - Set the value from which impact the system triggers the blocking action directly. The value 0 disables this option.
  • ^ Changed the version number specification. The first number stands for the supported major Joomla! version. The following three numbers follow the Semantic Versioning Specification (SemVer), as it used to be previously.

Version 3.0.1-PRO - 2021-03-10

  • + Whitelist option - This option allows to whitelist names from the analysed data so that these names' values are not analysed and do not affect the overall impact. It is useful for variables that are prone to false-positives but are appropriately sanitised by the application (for instance, "password").

Version 3.0.0-FREE - 2021-02-22

  • + First release for Joomla! 3.x - Based on 3.0.0-PRO with a limited feature set.

Version 3.0.0-PRO - 2021-02-18

  • + First release for Joomla! 3.x

Download

Overview of all downloads of the extension: IDSJ - Intrusion Detection System for Joomla! Downloads