Maintain. Protect. Optimize.

Admin Tools for Joomla!

Subscribe for Pro Access

Perform maintenance tasks. Protection against hackers. Optimise your site. All in one, neat bundle.

Compatible with Joomla 3, Joomla 4 and Joomla 5.

Admin Tools Core

for Joomla!

Download Core

Admin Tools Professional

for Joomla!

Subscribe for Pro Access

Top Features

Maintain

Optimise your database tables. Clean your temporary directory. Or perform any of the countless other daily maintenance tasks with a single click each.

Redirect easily

PRO Do you find the Redirect component hard to use? Are you puzzled by its inability to redirect URLs with parameters? No problem! Admin Tools' URL Redirect can do that. And much more.

Change permissions

Fine-tune your file permissions without having to use FTP or SSH.

Protect your site

PRO Our Web Application Firewall protects your site against the vast majority of common attacks. You won't find any security tool more feature-complete than this.

.htaccess / web.config / NginX Conf Maker

PRO Give your site the best overall protection. Create a sophisticated, secure .htaccess, web.config or NginX configuration with an easy GUI. You don't have to be an expert. Or even know how these files work.

Watch. Sniff. Catch.

PRO Admin Tools' PHP File Change Scanner will monitor your site's PHP files for changes. If something is amiss, it will let you know. It will even tell you which files might have been hacked.

Automate it

PRO Let the most useful maintenance operations run automatically. Use a CRON to keep the file change scanner ticking while you're fast asleep. Simply and efficiently.

All Features

Admin Tools for Joomla! Core Professional
  Download Core Subscribe for Pro Access
Emergency Off-Line switch

Put your site securely off-line in the case of an attack

Included in Core Included in Pro
Master Password

Prevent that client from breaking their site by »doing nothing«

Included in Core Included in Pro
Customize Permissions

ACL: fine-grained permissions, controlling which Admin Tools features each user can access.

Included in Core Included in Pro
Administrator Directory Protection

Protect access to your administrator directory with a username and password.

Included in Core Included in Pro
Change File & Folder Permissions

Easily change the permissions of all files and folders on your server. Permissions are fully customizable.

Included in Core Included in Pro
One click temporary files cleaning

One-click purge of your temporary directory

Included in Core Included in Pro
Repair and optimise tables

Repair and optimise all of your site's tables. Only available on Joomla 3 due to technical limitations of Joomla 4.

Included in Core Included in Pro
Sessions table purge

Purge and optimise the sessions table with a single click

Included in Core Included in Pro
URL redirection

Redirect old URLs or make your own URL shortener with features far beyond Joomla!'s

Not Included in Core Included in Pro
Scheduled cleanup

Scheduled automatic cleanup of your temporary directory and sessions table

Not Included in Core Included in Pro
PHP File Change Scanner

Monitor your site for changed or added PHP files and assess their potential for malicious behaviour

Not Included in Core Included in Pro
Settings import / export

Easily duplicate Admin Tools settings between your Joomla! sites.

Not Included in Core Included in Pro

.htaccess, NginX Configuration and web.config Maker

Disable directory listings
Not Included in Core Included in Pro
Protect against common file injection attacks
Not Included in Core Included in Pro
Disable PHP Easter Eggs
Not Included in Core Included in Pro
Block access to security-sensitive files

Block access to files such as htaccess.txt, configuration.php-dist and php.ini in your site's root

Not Included in Core Included in Pro
Protect against clickjacking
Not Included in Core Included in Pro
Reduce MIME type security risks
Not Included in Core Included in Pro
Reflected XSS prevention
Not Included in Core Included in Pro
Remove Apache and PHP version signature
Not Included in Core Included in Pro
Prevent content transformation
Not Included in Core Included in Pro
Block specific user agents
Not Included in Core Included in Pro
Block direct access to PHP files

Protection against direct access to PHP files. It can even block access to uploaded hacking scripts, mitigating the attack.

Not Included in Core Included in Pro
Force index.php parsing before index.html
Not Included in Core Included in Pro
Optimise expiration time

(good for SEO)

Not Included in Core Included in Pro
Compress static resources

Automatically compress static resources such as images, CSS, JS

Not Included in Core Included in Pro
Redirect index.php to site root
Not Included in Core Included in Pro
Redirect www / non-www

Redirect www to non-www, or non-www to www site, e.g. http://example.com to http://www.example.com

Not Included in Core Included in Pro
Redirect old domain name to new domain name
Not Included in Core Included in Pro
Force HTTPS for specific URLs

Force HTTPS even when Joomla! doesn't let you to

Not Included in Core Included in Pro
Force HSTS header

Increase HTTPS security by telling browsers to never access the unprotected HTTP version of your site.

Not Included in Core Included in Pro
Disable HTTP methods TRACE and TRACK

Protect your site against XST attacks

Not Included in Core Included in Pro
Control the Cross-Origin Resource Sharing (CORS) policy of your site
Not Included in Core Included in Pro
Control if and what ETags will be sent

Optimize client-side caching of your site's content, especially when it's behind a load balancer.

Not Included in Core Included in Pro

Web Application Firewall

Customised exceptions

Down to the component, view or query string level

Not Included in Core Included in Pro
Full logging of blocked requests
Not Included in Core Included in Pro
E-Mail Notification at security exception

Send out an email when a security exception occurrs

Not Included in Core Included in Pro
IP deny list

Prevent access to your site by specific IP addresses or blocks of IP addresses

Not Included in Core Included in Pro
Administrator IP exclusive allow list

Only allow access to your site's administrator section by specific blocks of IP addresses

Not Included in Core Included in Pro
Administrator secret URL parameter.

You can only see the administrator login page if you append ?secretWord to the URL (the secret word is customisable)

Not Included in Core Included in Pro
Change administrator login URL

(e.g. use http://www.example.com/mylogin instead of http://www.example.com/administrator)

Not Included in Core Included in Pro
Login E-Mail Notification

Send email on successful or failed administrator login

Not Included in Core Included in Pro
Customisable email templates and rate throttling for Admin Tools emails
Not Included in Core Included in Pro
Forbid front-end Super User login

Forbid front-end Super User login to deter brute-force password cracking

Not Included in Core Included in Pro
Monitor or forbid front-end Super User creation

Notify about the front-end creation of Super Users, or completely forbid it

Not Included in Core Included in Pro
Monitor or forbid extension and Joomla! configuration

Notify or prevent changing the Joomla! and/or extension configuration parameters.

Not Included in Core Included in Pro
SQLiShield protection

Catch and prevent most SQL injection attacks

Not Included in Core Included in Pro
Cross Site Scripting block

(XSSShield)

Not Included in Core Included in Pro
Malicious User Agent block

(MUAShield)

Not Included in Core Included in Pro
Remote File Inclusion block

(RFIShield)

Not Included in Core Included in Pro
Direct File Inclusion shield

(DFIShield)

Not Included in Core Included in Pro
Uploads scanner

(UploadShield)

Not Included in Core Included in Pro
Anti-spam filtering

Based on Bad Words list

Not Included in Core Included in Pro
Hide/customise generator meta tag
Not Included in Core Included in Pro
Block access to Joomla! extensions installer
Not Included in Core Included in Pro
Disable editing backend users' properties
Not Included in Core Included in Pro
X-Content-Encoded-By HTTP header content for GZip compression customisation
Not Included in Core Included in Pro
X-Powered-By HTTP header override
Not Included in Core Included in Pro
Block tmpl=foo system template switch
Not Included in Core Included in Pro
Block template=foo site template switch
Not Included in Core Included in Pro
Project Honeypot's HTTP:BL integration

Integration with Project Honeypot's HTTP:BL anti-spam / anti-hacker IP blocking directory

Not Included in Core Included in Pro
Auto-ban IPs

Auto-ban IPs causing excessive security exceptions (fully customisable)

Not Included in Core Included in Pro
Disclaimer

Automated security software, like Admin Tools, can only enhance your site's security, not positively prevent all known and yet-to-be-known attacks against your site. You are strongly recommended, under all circumstances, to follow sane security practices —like updating your site's software regularly and keeping backups— on top of using this product.

Do you have a question about this product?

We are here to help!

Submit a Pre-Sales Request