Description : 

Most common and frequent hacking attempts occurring on Joomla is Brute Force & Denial Of Service (DDoS) attacks.

One of the effective trick to prevent Brute Force & Denial Of Service (DDoS) attack is by enabling first level authentication to Joomla admin login page , this can be done using the .htaccess file.

The .htaccess file is a powerful configuration file that allows you to improve your site’s security and performance. In this article, we will show you how to enable First level authentication for your Joomla admin login page in right way.

Before you make any changes, you need to backup your existing .htaccess file. If you cannot see the .htaccess file, then make sure you selected ‘Show Hidden Files (dotfiles) ‘ option in your Cpanel File manager Settings.

We can see the steps in below :

Step1 : Login to control panel => File manager => Public_html

Step2 : Click => Administrator for joomla and create .htaccess file

Step3 : Edit the .htaccess file and enter the script as below

****

AuthType Basic
AuthName “Password protected area”
AuthUserFile /home/username/.htpasswd
require valid-user

****

Replace ‘user name’ with your control panel user name.

Step4 : Create .htpasswd file in your home directory and copy paste the below link and save changes.

test:$apr1$22ySDKoX$yVG9dFSXYM3HDTwwdwFPq.

Step5 : We can encrypt the password using MD5 encryption methos with the help of online tools.

Step6 : After done this when browse your joomla admin page you can able to see the first level authentication as per the screenshot.

Enter => username – test ; password – test

Step7 : When we provide the correct login details then we can able to view the joomla admin page as below.

Step8 : When we provide the wrong details you can get the error message as below.

Error message throws depends upon the contents updated in the script

Step9 : Revert the changes to disable the first level authentication.