One of the most common ways to find out if a site is created in Joomla is by simply typing domainname/administrator. This allows hackers to directly attack Joomla's administration console. and at times perform a brute force attack to crack user 10 and password. This nifty extension denies access to backend administration console without a proper access key. Using this extension is simple, it can be downloaded. Once installed. you can access it from plugin manager. Under plugin edit option. you can modify the access key, which by default is .. jSecure". Here you can also modify redirect path. If someone tries to access the back-end console without an access key. Once enabled you can access administration console by typing. (here instead of keyname provide the key which you had earlier provided in plugin edit.