Central Administrator is based only to the following technologies: PHP, Javascript and jQuery.

Technical Specifications

  • Extension version: 2.1.2
  • Extension type: Component, Plugin
  • Extension technologies: PHP 5.4+, Javascript, jQuery
  • Compatible Joomla version: 3.1.5 or later
  • Compatible browsers: Chrome, Firefox, Opera, Edge, IE10, IE9, Safari


Central Administrator works in a very secure way. This is accomplished with the following way:

  1. None administration password or any Joomla password is used in order to get info from the monitored websites. Notice that when adding the website credentials, there is none field for any password.
  2. All the data transferred from and to the monitored websites is encrypted.
  3. The data and commands that are being sent to the monitored websites are bundled with the IP of the server, so they can't be used by others.

HTTP and HTTPS websites

Since version 2.0.0, the operation of the Central Administrator component (parent) is NOT affected from the https protocol. This means that scanning is possible no matter if the component (parent) or the plugin (child) are installed in websites using http or https.


Central Administrator can work in localhost as well. Specifically the following actions about localhost and live servers are alowed:

CA Component (parent)CA Plugin (child)Possible
Live Server Live Server Yes
Live Server Localhost No
Localhost Live Server Yes
Localhost Localhost Yes (but 'Thumbnail' and 'PageSpeed Score' are not supported)


Benefits of the new version 2.x.x

The new version is created in order to solve two major problems:

  1. The scan restriction between HTTP and HTTPS websites.
    The old version could not accomplish a scan from an HTTPS website (parent) to an HTTP website (child). The new version has no restrictions between HTTP and HTTPS.
  2. The new security hardening (nosniff) that Joomla added in the htaccess file in version 3.9.3.
    This change was making scan using Javascrip to fail. Now the problem is solved avoiding this Javascript code.

Other benefits:

  1. The scan is accomplished in sequential order (one-by-one).
    The benefits of this change are:
    • This makes the whole operation more controllable.
    • The parent server with the website having the Central Administrator component and the child servers with the monitored websites having the Central Administrator plugin, are receiving the tasks one by one, so the possibility for server overloading and thread abort is minimized.
    • The browser resources usage is reduced drastically.
  2. Availability of trial/limited version in order to test it.

Limitations, Conflicts & Clarifications

  1. In order the 'Backup' feature in the Central Administrator component to be fully working, you need to install Akeeba Backup in the monitored website. Akeeba Backup is a free extension to backup, restore and transfer Joomla websites in a snap.
  2. The 'DB Size' information in the Central Administrator component shows the size in MB of the tables that belong to the current Joomla website only.
  3. The 'Screenshot' and 'Page & Mobile Speed' features of Central Administrator component will fail for client websites hosted in local server (localhost).
  4. If the 'Extension Updates' displayed in Central Administrator component are more than those displayed in the Joomla administration of the client website then click to "Clear Cache" and "Find Updates" while being in the "Extensions: Update" page to see them all.
  5. The plugins that are disabled in the "Extensions: Update Sites" page of the client website will not be included in the available extension updates in Central Administrator component.
  6. If the automatic login to the administration area does not work (stops to the administrator's login page) then please try to temporary disable or add exception to security protection tools like SecurityCheck or AdminExile etc.
    Caution: Please use version 3.14 or newer for AdminExile.
  7. If the administration area is restricted using password protected directory then you can use the following URL in the field "Administrator's URL": http://username:/administrator/. Be careful, the password must not contain the character @.

About the features: 'Updates' & 'Backup'

The operations a) Joomla upgrade, b) extensions upgrade and c) Joomla backup are not being accomplished remotely through the Central Administrator component. On the contrary, the administrator is redirected to the corresponding administration control panel for each monitored website in order to accomplish the action. This happens for the following reasons:

  • Giving remote commands for actions like these, does not guarantee that they will be completed. Many problems can cancel the procedure. So it is better for the administrator to do the action through the actual control panel of Joomla.
  • Many times it is important to see more details about the specific actions. For example when taking a backup it is good to check for older backups and most possibly delete some of them.
  • Managing a website with remote commands does not sound responsible for a good administrator.