General
Central Administrator comes in two parts: a) the 'parent' extension and b) the 'child' extension.
The 'parent' extension consists from a component (and a plugin). This extension monitors and collects information about the Joomla websites of the clients (childs). This extension needs to be installed only once on the website of the administrator who will monitor the websites of the clients. Of course, it can be installed more than once if needed.
The 'child' extension consists from a plugin. This extension has to be installed to each monitored Joomla website in order the Central Administrator component (parent) to be able to collect information from it. Each time the plugin is installed, some credentials have to be copied from the plugin to the component.
Ιnstallation
Installation of the parent extension
Usually the installation of the component will be needed to be done once. It has to be installed in the Joomla website that only the administrator has access to. This website will be called as administrator's website.
- Download the Central Administrator parent extension.
- In the Joomla control panel select: "Extensions" > "Manage" > "Install".
- In the "Upload Package File" tab click "Browse for file" and locate the file "central-administrator-parent-2.1.2.zip".
If you want to fill in the field 'PageSpeed Insights API Key' in the 'Settings' page you can take the API key from the page https://developers.google.com/speed/docs/insights/v4/first-app.
Installation of the child extension
The installation of the plugin has to be done to each monitored Joomla website. These websites are usually the websites of the customers. Each one of these websites will be called as client's website.
- Download the Central Administrator child extension.
- In the Joomla control panel select: "Extensions" > "Manage" > "Install".
- In the "Upload Package File" tab click "Browse for file" and locate the file "central-administrator-child-2.1.1.zip".
Add Monitored Website to Central Administrator (C.A.)
To add a website in Central Administrator (C.A.) in order to be monitored, you need to install the parent extension (component) and the child extension (plugin) of Central Administrator. See above how to do it and where to install each one.
- Go to the administration area of the administrator's website that has the C.A. parent extension (component) installed.
- Select "Components" > "Central Administrator" > "Websites".
- Click to the "Add Website" button and you will see the new page "Central Administrator - Add Website".
- Fill in the fields: Title, URL, Administrator's URL, Administrator's Username. Please be careful to fill in the correct values. In order to fill in the fields Website Key and Secret Key continue to the next steps.
- Open a new window in the browser and go to the administration area of the client's website that has the C.A. child extension (plugin) installed.
- Select "Extensions" > "Plugins" > "System - Central Administrator".
- Copy the values of the fields Website Key and Secret Key to the fields of page at step 4.
- Set the status of the plugin to Enabled and save the plugin.
- Click the Save button at the "Add Website" page.
- After you return to the main page of the C.A. component, you will see the new line of the new monitored website. Click to the arrow at the end of the line in order to start scanning the new monitored website.
Screenshots
Component
Plugin
Automatic Update
In order to be able to easily update the extension through the update system of Joomla, you need:
- Your membership ID. This can be found in the email you received with the subscription information of this extension or in your profile in this website.
- An active subscription of this extension. You can see your subscriptions in your profile as well.
Having the above fulfilled, do the following:
- Select "Extensions > Plugins".
- Locate in the list the line with name "Installer - Central Administrator" (the column 'Type' is equal to 'Installer') and click to it.
- Fill in your membership id in the parameters, enable the plugin and save.
Now you will be able to update the extension through the Joomla update system. But if you want, you can do it manually by downloading the latest version from this website.
Uninstall from Joomla
- Select "Extensions > Manage > Manage".
- Locate in the list the line with name "Central Administrator" where the column 'Type' is equal to 'Package'.
- Check the line and click "Uninstall". This will uninstall completely the extension.
Read More
Central Administrator is based only to the following technologies: PHP, Javascript and jQuery.
Technical Specifications
- Extension version: 2.1.2
- Extension type: Component, Plugin
- Extension technologies: PHP 5.4+, Javascript, jQuery
- Compatible Joomla version: 3.1.5 or later
- Compatible browsers: Chrome, Firefox, Opera, Edge, IE10, IE9, Safari
Security
Central Administrator works in a very secure way. This is accomplished with the following way:
- None administration password or any Joomla password is used in order to get info from the monitored websites. Notice that when adding the website credentials, there is none field for any password.
- All the data transferred from and to the monitored websites is encrypted.
- The data and commands that are being sent to the monitored websites are bundled with the IP of the server, so they can't be used by others.
HTTP and HTTPS websites
Since version 2.0.0, the operation of the Central Administrator component (parent) is NOT affected from the https protocol. This means that scanning is possible no matter if the component (parent) or the plugin (child) are installed in websites using http or https.
Localhost
Central Administrator can work in localhost as well. Specifically the following actions about localhost and live servers are alowed:
CA Component (parent) | CA Plugin (child) | Possible |
Live Server |
Live Server |
Yes |
Live Server |
Localhost |
No |
Localhost |
Live Server |
Yes |
Localhost |
Localhost |
Yes (but 'Thumbnail' and 'PageSpeed Score' are not supported) |
Benefits of the new version 2.x.x
The new version is created in order to solve two major problems:
- The scan restriction between HTTP and HTTPS websites.
The old version could not accomplish a scan from an HTTPS website (parent) to an HTTP website (child). The new version has no restrictions between HTTP and HTTPS.
- The new security hardening (nosniff) that Joomla added in the htaccess file in version 3.9.3.
This change was making scan using Javascrip to fail. Now the problem is solved avoiding this Javascript code.
Other benefits:
- The scan is accomplished in sequential order (one-by-one).
The benefits of this change are:
- This makes the whole operation more controllable.
- The parent server with the website having the Central Administrator component and the child servers with the monitored websites having the Central Administrator plugin, are receiving the tasks one by one, so the possibility for server overloading and thread abort is minimized.
- The browser resources usage is reduced drastically.
- Availability of trial/limited version in order to test it.
Limitations, Conflicts & Clarifications
- In order the 'Backup' feature in the Central Administrator component to be fully working, you need to install Akeeba Backup in the monitored website. Akeeba Backup is a free extension to backup, restore and transfer Joomla websites in a snap.
- The 'DB Size' information in the Central Administrator component shows the size in MB of the tables that belong to the current Joomla website only.
- The 'Screenshot' and 'Page & Mobile Speed' features of Central Administrator component will fail for client websites hosted in local server (localhost).
- If the 'Extension Updates' displayed in Central Administrator component are more than those displayed in the Joomla administration of the client website then click to "Clear Cache" and "Find Updates" while being in the "Extensions: Update" page to see them all.
- The plugins that are disabled in the "Extensions: Update Sites" page of the client website will not be included in the available extension updates in Central Administrator component.
- If the automatic login to the administration area does not work (stops to the administrator's login page) then please try to temporary disable or add exception to security protection tools like SecurityCheck or AdminExile etc.
Caution: Please use version 3.14 or newer for AdminExile.
- If the administration area is restricted using password protected directory then you can use the following URL in the field "Administrator's URL": http://username:/administrator/. Be careful, the password must not contain the character @.
About the features: 'Updates' & 'Backup'
The operations a) Joomla upgrade, b) extensions upgrade and c) Joomla backup are not being accomplished remotely through the Central Administrator component. On the contrary, the administrator is redirected to the corresponding administration control panel for each monitored website in order to accomplish the action. This happens for the following reasons:
- Giving remote commands for actions like these, does not guarantee that they will be completed. Many problems can cancel the procedure. So it is better for the administrator to do the action through the actual control panel of Joomla.
- Many times it is important to see more details about the specific actions. For example when taking a backup it is good to check for older backups and most possibly delete some of them.
- Managing a website with remote commands does not sound responsible for a good administrator.
Read More