Using Access Control Lists (ACL) to limit back-end access to a single component

If you want to give a user access to just one component through the back-end administration interface, do the following:

  1. Create a new user group such as admin2 and assign it to the Public group parent.
  2. Go to Site | Global Configuration.
  3. Click Permissions.
  4. Open Permissions for the Admin2 group.
  5. Change Admin Login to Allow and click Save. Note: Do not enable Access Admin Interface or they will have access to much more.
  6. Go to Users | Access Levels
  7. Edit the Special level and enable the admin2 user group you created to be part of the Special group. It is a strange quirk of Joomla that you must be part of the Special group to access the back end.
  8. Go to the Component you wish to provide access to.
  9. Click Options.
  10. Expand the permissions for admin2 and change all the settings you require to Allow and click Save and Close.
  11. Create a new user and assign them to the admin2 group.

Now when you log in with the new user you've created, you will only see the menu for the component you allowed access to and a couple other essential Joomla menus.


#3 erichf 2018-02-08 16:11
Quoting Lauren:
Hi! Do you know if they make any plugins to protect
against hackers? I'm kinda paranoid about losing everything I've worked hard on. Any

There are plug-ins which detect hacking activity on your site and there are third-party services such as which offer more advanced protection.

Your site is running Wordpress not Joomla so you'll need to consult with someone who is more familiar with that CMS.
#2 Lauren 2018-02-08 14:36
Hi! Do you know if they make any plugins to protect
against hackers? I'm kinda paranoid about losing everything I've worked hard on. Any
#1 Vivek 2016-12-22 05:16

Thanks :)

You have no rights to post comments

Recent Random Insights

  • 23 May 2020
    If you're using Joomla Component Builder and your admin list view isn't showing any items, even though there are items in the database, edit your admin view and make sure in the Admin behaviour column is set to Show in All List Views for at least one field.
  • 18 May 2020
    Ok. When creating a custom field: Here's an example of the text that goes in the "The php for the getOptions method" box. // gets the name and IDs of the description articles $db = JFactory::getDBO(); $query = $db->getQuery(true); $query->select($db->quoteName...
  • 18 May 2020
    I want a query to return all the fields for all the entries in the table minto_regsix_session that include a value of 2 in the 'day' field. Following is a screenshot from phpMyAdmin of the table including the day field which contains a JSON array. This query did NOT work. SELECT...
  • 07 February 2020
    Warning: session_start(): Failed to read session data: user (path: c:/wamp/tmp) in libraries\joomla\session\handler\native.php on line 260Error: Failed to start application: Failed to start the session Solution: check to make sure $dbprefix in the configuration.php file is set to correctly ma...
  • 12 September 2019
    If you get this message after switching to php version 7.x, change your code to from count() to count(get_object_vars()).
  • 08 August 2019
    Using json_decode in PHP is handing for extracting json parameters from PHP. Similarly, you can use JSON_EXTRACT in an SQL query.   SELECT JSON_EXTRACT(`params`, '$.parent_info_session') FROM `minto_categories` WHERE `id` = 96   Thise selects the data from the parent_info_session par...
  • 09 June 2019
    I you're getting Unable to Connect or ERR_CONNECTION_REFUSED when trying to connect to a site on localhost, check the configuration.php file to see if $force_ssl is set to 2. Change it to 0 and the problem should go away.