Tips to secure your Joomla

Andre

New member
Joined
Aug 13, 2012
Messages
146
Points
0
If you are using Joomla to manage content, you need follow some short tips to secure your CMS anti hackers.

Update your Joomla installation to lastest version immediately after Joomla released a new version.

Chmod for files on server depend each folder. file permissions need to be set correctly.

You should change database prefix instead of default.

Install a backup component and backup your system.

Update your newest extensions when you installed Joomla.

If you are having any problems, feel free to drop me replies here.

Thanks
 

George Hiner

New member
Joined
Jan 24, 2014
Messages
20
Points
0
Check for Update of Joomla installation to upgrade version immediately after Joomla released a latest update. regularly check for Joomla extension.
 

JuanRoth

New member
Joined
Oct 3, 2013
Messages
51
Points
0
Update your joomla regularly to the latest threats. Update your newest extensions when you installed Joomla.
 

Wintersmith

New member
Joined
Mar 17, 2014
Messages
7
Points
0
chmod for files on server depend each folder. file permissions need to be set correctly.
Install a backup component and backup your system.

Thanks
Since I'm a long time J! user I'd like to drop in couple tips when it goes CMS security.
Of course I fully agree with already mentioned things, as there are never enough security steps taken ;)
1. protect /administrator directory with all possible ways you can. Use htaccess (htpasswd) to protect this directory, or hide it. 3rd party plugins may become vulnerable, and you won't notice that.

2. After you end up developing the site, and before launch day, uninstall all unused extensions/plugins/modules, and delete their remains. If you leave a development version for further testing, close public access to it, as it will become sooner or later an abandoned instace and as such exposed for future to come exploits. In most cases data used in such instances is the same, as the production services...

3. disable unused, default J!'s plugins. You really do not have to leave for example search or frontend login plugins enabled for a small business_card_type of website with 4-5 pages on it.

4. when it goes to backups (I assume Andre had akeeba ext. on his mind), move backups to directory which cannot be accessed from browser.

5. I have bad expreiences with J!'s media manager, as it is still (in v3.2) a leaky default extension. I suggest to block a complete access to it and use 3rd party extension for multimedia files management.

That's all as for now ;)
 
Older threads
Replies
2
Views
4,643
Replies
5
Views
3,883
Replies
8
Views
4,742
Ric
Replies
10
Views
6,696
Replies
2
Views
4,021
Newer threads
Replies
1
Views
2,898
Replies
3
Views
7,273
Replies
22
Views
13,496
Replies
8
Views
6,158
Replies
3
Views
2,612
Latest threads
Replies
2
Views
368
Replies
1
Views
366
Replies
4
Views
1,888
Replies
3
Views
794
Recommended threads
Replies
9
Views
4,467
Replies
0
Views
2,898
Similar threads
Replies
5
Views
4,278
Replies
10
Views
3,016
Replies
4
Views
3,423
Replies
5
Views
2,805

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top