By default, Joomla backend login URL is www.yoursite.com/administrator. It’s easy to remember but bad from security point of view.
If you change administrator login to www.yoursite.com/administrator/?secreturl , your site will be more protected.
For this, I use free Joomla plugin kSecure (for Joomla 1.5 .1.7, 2.5, 3.x)- downloading requires registration, but it’s free and plugin is great! Best part is that visiting www.yoursite.com/administrator/ would redirect to www.yoursite.com.
Installation and configuration:
1. Install just like any plugin – go to Extensions > Extension manage, browse installation file, press ‘Upload and install’.
2. Visit Extensions > Plugin manager, find plugin ‘System – kareebu Secure’ (thats the full name) and open it.
3. Enabled and Enable must be set to Yes, copy your secreturl to Password field.
Mode: HTTP Authentication will pop window asking for password. If it’s correct, then will redirect to login.
I recommend Compatibility mode, because it will automatically show login page only if you visit www.yoursite.com/administrator/?secreturl . No additional password asked. And if someone goes to www.yoursite.com/administrator or www.yoursite.com/administrator/?wrongsecreturl, he will be redirected to homepage.
After this, don’t forget password (if you do, you can see it using phpMyadmin, in database table plugins, where plugin name is ‘System – kareebu Secure’).