Some attackers may determine that a website running on Joomla! site-web.com/administrator
But in some cases, when you type /administrator/ index.php automatically
redirects us, then practically the attacker gives up because it thinks
that the website is Joomla admin panel but has another name or another
direction.
That happens for settings that the administrator has made to your
Joomla, Plugin installed AdminExile [/ b] that allows administrators to
add an access key to the end of the URL that redirects to erroneous
entries page beginning on page 404, or anywhere else without seeing the
login panel administrator.
Example:
Code:
- www.site-web.com/administrator/ <------------ redirects at index.php
- www.site-web.com/administrator/?key <------------ Admin panel
Once you have clicked on the second link, AdminExile password will be
active until the session expires (or until the browser is closed).
For this case, I made a video demonstrating where achievement easily get
the key (key) to enter the administrative site without problems.
Video Tutorial
