Joomla 2.5 – setting session time out limit in frontend

Accidentally came across the following potential vulnerability in joomla – the end of session in the frontend in Joomla does not match the backend – the session did not end for more than two days. Pretty dangerous if you give out a lot of different permissions to editors and authors.


Open file modules/mod_login/tmpl/default.php and then comment out the line at the top:


After that the backend and frontend session times will coincide.
Good luck!

This entry was posted in Joomla (en). Bookmark the permalink.

Leave a Reply

🇬🇧 Attention! Comments with URLs/email are not allowed.
🇷🇺 Комментарии со ссылками/email удаляются автоматически.