Recently I noticed that one of my trusted customers was downloading all the extensions he had a subscription for. No issue there, but I noticed that the downloads originated from an Iranian IP address.

I contacted my customer by email and asked him if it was him who was doing the downloads: it turned out that he wasn't the person logged in!

The username and password that he used on my site (and that he also used on other sites) had been compromised.

He was glad I notified him: he immediately changed his password on all sites where he used these credentials, avoiding further damage!

Notifying your users automatically

And that started me thinking:

Is the person logging in to my site also the person the account belongs to? If not, my extensions potentially end up on the 'black market'. But worse: the account information will also be exposed, and that too has value for a hacker.

What if the abuser changes your password or even the email address in your account: you would never know and would no longer be able to get access.

ochSimpleFirewall's new 'Notify Users' feature

And that is how the new 'Notify Users' feature was started in ochSimpleFirewall.

Just like the major content platforms (HBO Max, Netflix, Nextcloud, etc.), ochSimpleFirewall adds the ability to notify your users of account activity via email on your Joomla site:

  • on a password change
  • on an email change (email to the old email address)
  • on a new device / location login
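The three notifications above come down to one decision rule per event: password and email changes always trigger a notice (the email change goes to the old address, so the legitimate owner still hears about it), while a login triggers a notice only when the device/location pair has not been seen for that account before. The following is an added illustration of that logic in Python; it is not ochSimpleFirewall's own code, and the device fingerprint, country code and email addresses are constructed sample values.

```python
"""Account-activity notifications: added illustration, not ochSimpleFirewall code."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Notification:
    recipient: str   # email address the notice is sent to
    subject: str
    body: str


class AccountActivityNotifier:
    """Keeps the (device, country) pairs already seen per user and produces a
    Notification for the three events: new device/location login, password
    change, and email change (sent to the OLD address)."""

    def __init__(self, emails: dict):
        self.emails = dict(emails)   # user -> current email address (assumed lookup)
        self.known = {}              # user -> set of (device, country) pairs

    def login(self, user: str, device: str, country: str) -> Optional[Notification]:
        """device: a fingerprint such as a hashed User-Agent; country: geolocated
        from the client IP. Returns None when the pair was seen before."""
        seen = self.known.setdefault(user, set())
        key = (device, country)
        if key in seen:
            return None
        known_devices = {d for d, _ in seen}
        known_countries = {c for _, c in seen}
        seen.add(key)
        reasons = []
        if device not in known_devices:
            reasons.append(f"new device {device}")
        if country not in known_countries:
            reasons.append(f"new location {country}")
        if not reasons:
            # both parts known individually, but never together
            reasons.append(f"new device/location combination {device}/{country}")
        return Notification(
            recipient=self.emails[user],
            subject="New login to your account",
            body=f"A login was detected from a {' and '.join(reasons)}. "
                 "If this was not you, change your password now.",
        )

    def password_changed(self, user: str) -> Notification:
        return Notification(
            recipient=self.emails[user],
            subject="Your password was changed",
            body="If you did not change your password, contact the site administrator.",
        )

    def email_changed(self, user: str, new_email: str) -> Notification:
        # Notify the OLD address first, so the real owner learns of the change
        # even if an abuser just redirected the account to their own mailbox.
        old_email = self.emails[user]
        self.emails[user] = new_email
        return Notification(
            recipient=old_email,
            subject="Your email address was changed",
            body=f"The email address on your account was changed to {new_email}.",
        )


def demo() -> list:
    """Replay a constructed sequence of events and collect the notices sent."""
    n = AccountActivityNotifier({"alice": "alice@example.com"})
    events = [
        n.login("alice", "laptop-fp", "NL"),   # first login: device and country new
        n.login("alice", "laptop-fp", "NL"),   # repeat: no notice
        n.login("alice", "phone-fp", "NL"),    # known country, new device
        n.login("alice", "laptop-fp", "IR"),   # known device, new location
        n.email_changed("alice", "alice@newmail.example"),
        n.password_changed("alice"),           # goes to the now-current address
    ]
    return [e for e in events if e is not None]


if __name__ == "__main__":
    for notice in demo():
        print(f"to {notice.recipient}: {notice.subject} - {notice.body}")
```

A real deployment would persist the known pairs per user, rate-limit notices, and derive the country from a geolocation lookup of the client IP; the rule itself stays the same.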

I have tested these features extensively, and in the short period of time that I had them enabled, I already found 5 (!) illegal logins: logins the account holders were not aware of.

I now use it on all my sites, not only for my users, but also on sites that have a single (administrator) user: I get notified if any of my own accounts on my Joomla sites is used to log in, or if its password or email address is changed.

That won't stop abusers...

Of course these notifications are no 'cure' for your account being misused: two-factor authentication and (very) strong passwords come first, but even then...

It will limit further damage...

The damage only grows when your account is abused and you are not aware of it.

It is like having your bank card stolen: the moment you become aware of it, you can contact your bank and have the card blocked. The sooner you know, the better: that is the added value of these notifications!


This new feature is available in ochSimpleFirewall version 2.2.0!


