Using Access Control Lists (ACL) to limit back-end access to a single component

If you want to give a user access to just one component through the back-end administration interface, do the following:

  1. Create a new user group such as admin2 and assign it to the Public group parent.
  2. Go to Site | Global Configuration.
  3. Click Permissions.
  4. Open Permissions for the Admin2 group.
  5. Change Admin Login to Allow and click Save. Note: Do not enable Access Admin Interface or they will have access to much more.
  6. Go to Users | Access Levels
  7. Edit the Special level and enable the admin2 user group you created to be part of the Special group. It is a strange quirk of Joomla that you must be part of the Special group to access the back end.
  8. Go to the Component you wish to provide access to.
  9. Click Options.
  10. Expand the permissions for admin2 and change all the settings you require to Allow and click Save and Close.
  11. Create a new user and assign them to the admin2 group.

Now when you log in with the new user you've created, you will only see the menu for the component you allowed access to and a couple other essential Joomla menus.


#3 erichf 2018-02-08 21:11
Quoting Lauren:
Hi! Do you know if they make any plugins to protect
against hackers? I'm kinda paranoid about losing everything I've worked hard on. Any

There are plug-ins which detect hacking activity on your site and there are third-party services such as which offer more advanced protection.

Your site is running Wordpress not Joomla so you'll need to consult with someone who is more familiar with that CMS.
#2 Lauren 2018-02-08 19:36
Hi! Do you know if they make any plugins to protect
against hackers? I'm kinda paranoid about losing everything I've worked hard on. Any
#1 Vivek 2016-12-22 10:16

Thanks :)

You have no rights to post comments

Recent Random Insights

  • 08 August 2019
    Using json_decode in PHP is handing for extracting json parameters from PHP. Similarly, you can use JSON_EXTRACT in an SQL query.   SELECT JSON_EXTRACT(`params`, '$.parent_info_session') FROM `minto_categories` WHERE `id` = 96   Thise selects the data from the parent_info_session par...
  • 09 June 2019
    I you're getting Unable to Connect or ERR_CONNECTION_REFUSED when trying to connect to a site on localhost, check the configuration.php file to see if $force_ssl is set to 2. Change it to 0 and the problem should go away. 
  • 02 May 2018
    You can use array_keys to get the keys from an array but how do you get the keys from elements in an object.  Easiest method is to cast the object to an array and use array_keys. $Keys = array_keys(array)$ObjectName);
  • 04 April 2018
    Assuming the Media Manager is already identifying application/pdf as a valid mime type and it's still not working. log into cPanel Choose "select PHP version" under "software" heading Make sure fileinfo is checked
  • 22 January 2018
    If you are trying to hide the author avatar and other related information that appears in a K2 Item, you can do this on an article-by-article basis or you can change the settings for the category that the article belongs to. Edit category > Item View Options > Author options > Display ext...
  • 21 January 2018
    When attempting to use the Gavick News Show Pro GK5 module in conjunction with their News template. I've used the Quickstart package on my internal development server and installed K2 so that I can use its features. If I edit any one of the instances of the News Show Pro GK5 modules and save the s...
  • 04 January 2018
    At some point, my Joomla system running on my local WAMP became incredibly slow. It was taking 30-60 seconds to load a page that only takes a few seconds to load on my cloud server. I discovered that when I had enabled xdebug in my php.ini settings, I had turned on the profiler which was generatin...