Backdoor is the Joomla 4 kompatible Version of the famous AdminExile plugin from Michael Richey (RicheyWeb).
Backdoor protects your backend / administration part of your site by using URL access keys (query parameters).
So, attempts to access the administrator login page will be met with either a redirect to your homepage, a 404 error, or a redirect somewhere else. This is e.g. a way to prevent brute force attacs.
To make this plugin J4 compatible, many things has to be done:
- Changed Joomla classes to namespaced
- Converted to J4 class environment
- Fixed problems with J4 login
- Removed "2-Factor pass". This doesn't make any sence. Where is the difference between a pass "mykey=myvalue" by checking the whole string or splitting it and comparing the individual parts?
First intension was to send Michael the codes, so he can update his package. After some mails and no reaction by him, the package is going public here. So the update server is now changed to this one.