Dean Marshall Consultancy Ltd


Please note that our documentation is being reviewed due to the release of DMC Firewall for WordPress. The following documentation was written for Joomla! so some of the information will not apply to DMC Firewall for WordPress.

Configuring DMC Firewall

The settings that you are able to configure within DMC Firewall's Global Configuration depend on the version of DMC Firewall that you have installed on your website (Core or Professional). Below we have listed all of the settings for both Core and Pro and have listed them accordingly.

Email Options (Core and Professional)

There are two settings that you are able to configure within the Global Configuration's Email Options, and they are:

  1. Enable Emails
  2. Email Address

1: When DMC Firewall blocks a request and bans the IP address, an email is sent to the email address which is specified within Global Configuration. By default an email is sent every time that an IP address gets banned - within the dropdown menu you are able to change this setting to any of the following settings:

  • Yes - Every time an IP address is banned or if there is an error
  • No - Never send an email - even if an error occurs
  • Only when an error occurs - Only send emails if there is an error banning the IP address

2: If you would like emails to be sent to an alternative address to the one specified within Global Configuration - enter the email address here. If you don't enter a valid email address, DMC Firewall will default to the address specified within Global Configuration.

Allow/Ban 'Bad Bots' (Partial Core and Professional)

Over the years we have identified a number of 'bots/site scrapers' that we feel shouldn't have access to websites. They become a 'bad bot' when they:

  • don't declare a website URL
  • contain a '@gmail' email address
  • crawl a whole website within a couple of minutes (increasing server load which could cause your website to become inaccessible)
  • are SEO crawlers that competitors set on your website to gather information
  • perform bad requests
  • don't obey your 'robots.txt' file
  • and more...

All bad bots are banned by default if they crawl/visit your website; however, you are able to allow specific bots by setting the value to 'Allow' instead of 'Ban'.

As of DMC Firewall 1.2, a total of 6 'bad bots' are included with the Core release while the Professional version includes 129 'bad bots'.

Bad Content settings (Core and Professional)

When hackers compromise a website, it could take months before the web master even finds out about the hack. Many hackers only make the 'bad content' visible to search engines such as Google, Bing and Yahoo, so it only affects the listings within search engines. We developed the 'Content Scanner' to alert the web master as soon as bad content has been identified. Some websites, such as this one, have published articles that contain some of these 'bad words', so we added a 'Threshold Limit' where the web master can specify a limit within the Global Configuration, making sure that they aren't sent any emails when users visit legitimate articles that contain the specific words.

The web master can set the threshold limit value as follows:

  • 5
  • 10
  • 15
  • 20
  • 25
  • 30
  • 50
  • 100

This means that the 'bad words' are able to be displayed on a page but the web master won't receive any emails until the limit is reached.

Login Attempts (Professional version only)

Because hackers try to 'brute force' the administrator area of your website, we created a new authentication plugin that replaces the standard Joomla authentication plugin. Our plugin increases the security of your website by banning these attempts to prevent a hacker from gaining access to your system. For this plugin you are able to configure the following:

  • 'Empty Password Limit'
    • 0 - Ban at first attempt
    • 1
    • 2
    • 3
    • 4
    • 5
  • 'Username not found'
    • 0 - Ban at first attempt
    • 1
    • 2
    • 3
    • 4
    • 5
  • 'Lock Down Time Period'
    • 30 minutes
    • 1 hour
    • 1 hour 30 minutes
    • 2 hours
    • 4 hours
    • 5 hours
  • 'Max Failed Login Attempts'
    • 25
    • 50
    • 75
    • 100

Empty Password Limit - Hackers try multiple username and password combinations in order to breach your system and 'take over' your website. They do this by attempting to log in via the administrator area of your website, but they aren't really 'smart' about it. By default Joomla doesn't allow the password field to be empty - if the hackers looked at the Joomla authentication plugin's code they would be able to see that. When you are setting this value, please bear in mind that if you allow 'real' people to log in to your system, they will sometimes forget to enter a password, so please set this limit carefully.

Username not found - As mentioned above, hackers try multiple variations of usernames and passwords, and this setting 'catches' the hackers when they enter a password but the 'username' doesn't exist within your system.

Max Failed Login Attempts - Along with multiple username and password combinations, hackers like to 'mix things up' by using multiple IP addresses, which makes them think that they 'can't be caught'. They typically perform between 10 and 20 login attempts and then switch to a different IP address and perform the attempts again. Here we set a maximum number of attempts; when it is reached, DMC Firewall will put your system into Lock Down mode for the time that you have configured with the 'Lock Down Time Period' setting.

Lock Down Time Period - When the 'Max Failed Login Attempts' limit has been reached, DMC Firewall will put your website into 'Lock Down' mode. During Lock Down your system prevents anyone from logging in, thus preventing the hacker from trying multiple times. Please note, all aspects of logging in are disabled - you won't be able to log in to the administrator area and your users won't be able to log in via the front end.
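
How the four settings interact can be modelled as follows. This is an added example, not DMC Firewall's own code: the class and function names, the sample user, the documentation-range IP addresses, the reading of a limit as "ban once it is exceeded" and the counter restarting after Lock Down are all assumptions.

```python
from dataclasses import dataclass, field
@dataclass
class LoginPolicy:
    """Model of the four Login Attempts settings; defaults are values the page lists."""
    empty_password_limit: int = 1        # 0 = ban at first attempt
    username_not_found_limit: int = 1    # 0 = ban at first attempt
    max_failed_attempts: int = 25
    lock_down_seconds: int = 30 * 60
    users: dict = field(default_factory=lambda: {"admin": "correct horse"})  # constructed
    banned: set = field(default_factory=set)
    empty: dict = field(default_factory=dict)      # per-IP empty-password count
    unknown: dict = field(default_factory=dict)    # per-IP unknown-username count
    failed_total: int = 0                          # site-wide failures across all IPs
    locked_until: float = 0.0

    def _strike(self, counter, ip, limit):
        counter[ip] = counter.get(ip, 0) + 1
        if counter[ip] > limit:                    # assumption: ban once the limit is exceeded
            self.banned.add(ip)
            return "banned"
        return "failed"

    def attempt(self, ip, username, password, now):
        if now < self.locked_until:
            return "locked_down"                   # all logins refused, valid ones included
        if ip in self.banned:
            return "banned"
        if password and self.users.get(username) == password:
            return "ok"
        if password == "":
            result = self._strike(self.empty, ip, self.empty_password_limit)
        elif username not in self.users:
            result = self._strike(self.unknown, ip, self.username_not_found_limit)
        else:
            result = "failed"                      # known user, wrong password
        self.failed_total += 1
        if self.failed_total >= self.max_failed_attempts:
            self.failed_total = 0                  # assumption: counter restarts after Lock Down
            self.locked_until = now + self.lock_down_seconds
        return result

def simulate_rotating_ips(policy, attempts_per_ip=10, ip_count=3):
    """Constructed traffic: wrong passwords for 'admin', new IP after every few tries."""
    results, now = [], 0.0
    for i in range(ip_count):
        for n in range(attempts_per_ip):
            now += 1.0
            results.append(policy.attempt(f"203.0.113.{i + 1}", "admin", f"guess{n}", now))
    return results, now
```

With the defaults, the 30 constructed attempts never trip a per-IP ban, but the 25th failure starts Lock Down, after which even the correct password is refused until the period ends.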

Advanced (Core and Professional)

Test Mode - This allows you to perform requests that would normally get you banned, provided that you put DMC Firewall into test mode first. Simply select 'Enabled' and click save. Please note, when DMC Firewall is in Test Mode, a 'banner' is placed at the top of your website alerting you to the fact that you have enabled 'Test Mode'.

Download ID (Professional version only)

A download ID is only needed for the Professional version of DMC Firewall and requires an active subscription of either 'DMC Firewall Professional' or 'Deluxe Package'. Subscriptions can be obtained via the Subscribe page.

In order to update DMC Firewall Professional from within the extension, you first need to enter your Download ID