Tips to secure your Joomla

Andre

Active member
Registered
Joined
Aug 13, 2012
Messages
77
Points
0
If you are using Joomla to manage content, you need follow some short tips to secure your CMS anti hackers.

Update your Joomla installation to lastest version immediately after Joomla released a new version.

Chmod for files on server depend each folder. file permissions need to be set correctly.

You should change database prefix instead of default.

Install a backup component and backup your system.

Update your newest extensions when you installed Joomla.

If you are having any problems, feel free to drop me replies here.

Thanks
 

George Hiner

New member
Joined
Jan 24, 2014
Messages
12
Points
0
Check for Update of Joomla installation to upgrade version immediately after Joomla released a latest update. regularly check for Joomla extension.
 

JuanRoth

Member
Registered
Joined
Oct 3, 2013
Messages
19
Points
0
Update your joomla regularly to the latest threats. Update your newest extensions when you installed Joomla.
 

Wintersmith

New member
Registered
Joined
Mar 17, 2014
Messages
5
Points
0
chmod for files on server depend each folder. file permissions need to be set correctly.
Install a backup component and backup your system.

Thanks
Since I'm a long time J! user I'd like to drop in couple tips when it goes CMS security.
Of course I fully agree with already mentioned things, as there are never enough security steps taken ;)
1. protect /administrator directory with all possible ways you can. Use htaccess (htpasswd) to protect this directory, or hide it. 3rd party plugins may become vulnerable, and you won't notice that.

2. After you end up developing the site, and before launch day, uninstall all unused extensions/plugins/modules, and delete their remains. If you leave a development version for further testing, close public access to it, as it will become sooner or later an abandoned instace and as such exposed for future to come exploits. In most cases data used in such instances is the same, as the production services...

3. disable unused, default J!'s plugins. You really do not have to leave for example search or frontend login plugins enabled for a small business_card_type of website with 4-5 pages on it.

4. when it goes to backups (I assume Andre had akeeba ext. on his mind), move backups to directory which cannot be accessed from browser.

5. I have bad expreiences with J!'s media manager, as it is still (in v3.2) a leaky default extension. I suggest to block a complete access to it and use 3rd party extension for multimedia files management.

That's all as for now ;)
 
Older Threads
Replies
2
Views
3,413
Replies
3
Views
3,640
Replies
3
Views
2,818
Newer Threads
Replies
0
Views
4,280
Replies
20
Views
10,581
Replies
16
Views
6,686
Replies
3
Views
2,704
Ric
Latest Threads
Replies
1
Views
25
Replies
0
Views
180
Replies
1
Views
39
Replies
2
Views
81

Latest postsNew threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top