Tips to secure your Joomla

Andre

New member
Joined
Aug 13, 2012
Messages
146
Points
0
If you are using Joomla to manage content, you need follow some short tips to secure your CMS anti hackers.

Update your Joomla installation to lastest version immediately after Joomla released a new version.

Chmod for files on server depend each folder. file permissions need to be set correctly.

You should change database prefix instead of default.

Install a backup component and backup your system.

Update your newest extensions when you installed Joomla.

If you are having any problems, feel free to drop me replies here.

Thanks
 

George Hiner

New member
Joined
Jan 24, 2014
Messages
20
Points
0
Check for Update of Joomla installation to upgrade version immediately after Joomla released a latest update. regularly check for Joomla extension.
 

JuanRoth

New member
Joined
Oct 3, 2013
Messages
51
Points
0
Update your joomla regularly to the latest threats. Update your newest extensions when you installed Joomla.
 

Wintersmith

New member
Joined
Mar 17, 2014
Messages
7
Points
0
chmod for files on server depend each folder. file permissions need to be set correctly.
Install a backup component and backup your system.

Thanks
Since I'm a long time J! user I'd like to drop in couple tips when it goes CMS security.
Of course I fully agree with already mentioned things, as there are never enough security steps taken ;)
1. protect /administrator directory with all possible ways you can. Use htaccess (htpasswd) to protect this directory, or hide it. 3rd party plugins may become vulnerable, and you won't notice that.

2. After you end up developing the site, and before launch day, uninstall all unused extensions/plugins/modules, and delete their remains. If you leave a development version for further testing, close public access to it, as it will become sooner or later an abandoned instace and as such exposed for future to come exploits. In most cases data used in such instances is the same, as the production services...

3. disable unused, default J!'s plugins. You really do not have to leave for example search or frontend login plugins enabled for a small business_card_type of website with 4-5 pages on it.

4. when it goes to backups (I assume Andre had akeeba ext. on his mind), move backups to directory which cannot be accessed from browser.

5. I have bad expreiences with J!'s media manager, as it is still (in v3.2) a leaky default extension. I suggest to block a complete access to it and use 3rd party extension for multimedia files management.

That's all as for now ;)
 
Older threads
Replies
2
Views
3,913
Replies
5
Views
3,327
Replies
8
Views
4,056
Ric
Replies
10
Views
5,179
Replies
2
Views
3,285
Newer threads
Replies
1
Views
2,404
Replies
3
Views
4,439
Replies
22
Views
12,057
Replies
8
Views
5,394
Replies
3
Views
2,158
Latest threads
Replies
0
Views
7
Replies
2
Views
14
Replies
0
Views
11
Replies
2
Views
20
Replies
4
Views
20
Similar threads

Latest postsNew threads

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top