Recover super user administrative access Joomla that due to poor configuration in the ACL is no longer administrator?

Asked

Viewed 2,070 times

1

Joomla, since version 1.6, allows a complex user access level, and, unlike previous versions where it was possible to set only by a user role (super administrator, manager, author...) has allowed granular permissions. That is, by accident, it would be possible to turn a user who has super administrator permissions no longer access administration, and it is extremely complicated to reverse this by changing directly in the database.

How to resolve this emergency situation and allow a non-administrative user to have temporary access as if he were a super administrator?

In this case, the user’s password is known, but he has lost access. It is different from the super administrator password reset processes vua change in the database.

1 answer

2


There is a way to make a common user into a temporary super administrator, as well as become a former super administrator. It requires FTP access to your server.

This same mode can also serve if you have lost the super administrator password but know the password of a common user, and just want to enter the administration of your site and reset by it your previous password.

  1. Via FTP, go to the root of your site. It will have a file configuration.php. If necessary, change the file permissions to 644 or you won’t be able to change the file.
  2. Download the file to your computer, make a backup beyond the one you will edit.
  3. At the beginning of the file, right after the line containing class JConfig {, add the following public $root_user = 'username'; where username is the account username you have provisionally become a super administrator.
  4. Upload the edited file, and overwrite the previous file.
  5. With the username and password of the account you have set as super administrator, log in to the administrative area of your Joomla, and resolve the problem you have passed. If you have removed access permissions, add them again. If you forgot another user’s password and used a regular user to access the administration and reset your previous password, do this.
  6. Repeat the file editing steps configuration.php, and remove the line that allowed temporary access as super administrator.
  7. Go back to file access permissions configuration.php And exactly as it was before, probably 444. This prevents a person who knows where this file is from reading its contents from a shared hosting.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.