I always dislike doing this (changing core file of Joomla!) but here they ARE...

If any core developer of Joomla! read this, can't we look together to have more event hook (in views, more in controller) in Joomla! core?


  • Allow login views, login modules, register, lost password, lost user account and contact section to be protected by SecurityImages
  • Are for Joomla! 1.5.1 only and SecurityImages 5.0.0Beta2
  • 14 files has been altered, mostly views, and com_contact/com_user controller, click on picture below for more details
  • Download file Joomla_1.5.1-Stable-Full_PackageForSecurityImages5.0.0.zip (33kB) and overwrite file on your server

Report all bugs in the forums in the new section

Below are some screen shots of the BETA2 in Joomla! 1.5 in action


User operations





To switch these patches ON/Off, go to the Global Configuration page as seen in the screen shot below




You want to customize the error message? then edit the file language\en-GB\en-GB.com_user.ini and change the key

SECURITYIMAGES REJECT USER ENTRY=Invalid Captcha word, Please enter the correct value you see in picture

SECURITYIMAGES LABEL=Anti-spamming protection:

Contact section

On a per user/contact basis, a new switch is available:





Login area


Customize labels, keys are in language\en-GB\en-GB.mod_login.ini



and in module


Administrator area

Patches for administrator area are missing because the plugin SecurityImages in front end start a session that is different from the backend. I will for sure find a way to get around it. In between I recommend You to use htaccess login to enhance admin login protection and reduce brute force attacks.