Each of us, average internet users, is exposed to different threats through the web. Identity theft, money stealing and pure vandalism are just some of the web sore evils. Advanced security measures are being developed constantly to ensure that the good guys are ahead of the hackers, viruses and such.
If you own or manage a Joomla website, it can be assumed that you have more to lose than your e-mail account or private data; you have a business and a reputation to keep.
Do not be naive when it comes to protecting your visitors and your nurtured site. Defend your Joomla website with all possible means; it is a fairly simple task. Otherwise, you might find yourself one day wakening up to a complete chaos and end up losing your credibility and your users trust.
Can You Completely Secure Your Joomla Website?
‘Completely’ is a big word, and realistically it is rarely true. However, you have more than a few precautions that will considerably reduce the risks. Combined them all together, and you will get the next-to-perfect Joomla website defense. Review the following tips, try to implement as many as you can, in case you have not done them already. If you wish to learn the subject in depth, check out the ‘Security Checklist’ articles at Joomla.org.
Tips to Defend Your Joomla Website
- Keep track with all Joomla updates and security related news, and make sure you always have the most recent Joomla version.
- Do not put your Joomla version on display
- Check your sources; do not install Joomla extensions, unless you are positively sure that the source is reliable and is fully trusted by the Joomla community.
- There are many security extensions for Joomla; view the ones under the category Access and Security at the Joomla site.
- Don’t use the default names and permissions; replace them with something much more sophisticated.
- Passwords – there are a few passwords you should appoint yourself to change routinely; MySQL password, hosting password, FTP password and of course, administration passwords. Avoid recycling of passwords, and try to come up with complicated combinations; passwords even you cannot remember.
- Avoid giving Super Administrator rights to other people, unless it is absolutely essential. If you do authorize additional people, open different accounts for each one.
- Do not permit users to upload scripts to your Joomla website. Stay with the default this time. If you really must, consult with experts and take security measures to protect yourself.
- Perform routine vulnerability scans or hire an internet security company like McAfee to do it for you.
- Select your hosting company carefully – ensure it’s a reliable and secured provider, updated with the latest PHP version.
- Conceal the admin login – displaying the admin login area invites troubles.
- Last but not least –
Backup your content, database, media and any other external application you use!