MageBridge backend-demo based on Joomla! 1.6
Monday, 11 April 2011MageBridge offers so many features, that it is many times too overwhelming to see the benefits. To give some extra insight information on how MageBridge works, and how you can benefit from it, we have made a demo-site available with backend-access.
Hacked demo
In the past, we had setup a demo-site already with full admin-access. Ofcourse, if you add a Joomla! website with username admin and password password, you are just waiting to get hacked. The demo-site was comprised by somebody who installed an extra extension, that loaded again a PHP backd00r, that again was used to upload further exploits in /tmp. While the hack-attempt stopped there, thanks to a secure setup of our webservers, it was definitely unwanted: We took the demo offline.
Joomla! 1.6 used to limit rights
Since then we have been waiting for a way to limit the rights of a backend-user. Ofcourse, Joomla! 1.6 offers the golden solution with its ACL-rules. We have created a demo user that belongs to the usergroup Demo, which has only access to those parts that are needed.
In the near future, we will introduce finer rulesets specifically for the MageBridge backend: For instance, if you have backend-access but you are no Super User, you should not be allowed to change anything - but the configuration might just as well be visible. This would benefit the demo for sure.
The MageBridge demos are listed here.