
11 Tips for more Security

Based mainly on the Joomla Security FAQs, we created a quick checklist to make your Joomla site less vulnerable to attacks. These are probably not the top 11 tips, but they are the ones where GuardXT can help you. GuardXT is the Joomla administrator component that helps to increase the security of your site in these areas.

1.) Be informed about known Joomla vulnerabilities

Subscribe to the Joomla security news. Usually they provide fixes incredibly fast.

2.) Keep Joomla! and your components up to date

The latest versions of Joomla! and 3rd party components are usually safer than older versions.

3.) Ensure proper permissions of files and folders 

File permissions 644 and folder permissions 755 are considered to be a good trade-off between security and functionality.

4.) Protect your configuration.php file

configuration.php is probably the most critical file of any Joomla installation. At the very least, make it unwritable.

5.) Use a .htaccess file

Even if you're not using SEO, the .htaccess file that comes with Joomla blocks some common exploits.

6.) Rename the default admin user

Everybody knows that your admin site is most likely accessible via /administrator, and everybody knows the default admin user, which makes getting admin access a lot easier.

7.) Protect your admin directory

The most sensitive part of your Joomla! site is the administration site. Make sure it is well protected, e.g. by adding additional password protection.

8.) Make log and temp folders inaccessible

Make sure your log and temp files are not in Public HTML folders.

9.) Clear the tmp folder

Remnants of old, vulnerable components might be in there.

10.) Recognize when your site was hacked and act fast

Often hacks are very obvious because your site is defaced. However, the less obvious hacks are much more dangerous. If files on your server were modified or added without good reason, you should act immediately.

11.) Use secure PHP settings

Make sure your PHP configuration meets some security standards. Try using local php.ini files if you don't have access to the global php.ini.
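Tip 10 depends on noticing files that were modified or added. As an added example (not part of the original checklist and not GuardXT's own code), this shell script records a SHA-256 baseline of a site tree and reports every file that was added, modified or removed since. The function names and the sample tree are constructed for illustration, and it assumes GNU `sha256sum` is available.

```shell
#!/bin/sh
# Added example (not GuardXT code): baseline a web root, then report drift.
# Function names and the sample tree below are hypothetical/constructed.

# make_manifest DIR: print "sha256  ./path" for every file under DIR.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

# compare_manifests OLD NEW: print ADDED / MODIFIED / REMOVED lines.
# sha256sum prints 64 hex digits and two separator characters, so the
# path starts at column 67 (this keeps paths with spaces intact).
compare_manifests() {
    awk '
        FILENAME == ARGV[1] { old[substr($0, 67)] = $1; next }
        {
            path = substr($0, 67)
            if (!(path in old))       print "ADDED " path
            else if (old[path] != $1) print "MODIFIED " path
            seen[path] = 1
        }
        END { for (p in old) if (!(p in seen)) print "REMOVED " p }
    ' "$1" "$2" | sort
}

# demo: build a constructed site tree, baseline it, change it, compare.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/site/tmp" "$work/site/images"
    echo '<?php class JConfig {}' > "$work/site/configuration.php"
    echo '<?php // index'         > "$work/site/index.php"
    echo 'old installer file'     > "$work/site/tmp/install_old.xml"
    make_manifest "$work/site" > "$work/baseline.txt"

    echo '<?php // index, altered' > "$work/site/index.php"     # modified
    echo '<?php // unexpected'     > "$work/site/images/x.php"  # added
    rm "$work/site/tmp/install_old.xml"                         # removed
    make_manifest "$work/site" > "$work/current.txt"

    compare_manifests "$work/baseline.txt" "$work/current.txt"
    rm -rf "$work"
}

demo
```

Keep the baseline manifest somewhere other than the web server, so that whoever can change the site's files cannot also rewrite the manifest, and refresh it after every legitimate update.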

 

 

 

 


Copyright © 2003-2009 by JoomlaXT! Template based on afterburner by Rockettheme
Joomla!(TM) is the trademark of Open Source Matters, Inc in the United States and other countries. The Joomla! name and variations on it utilizing shortforms for it such as J, Joo, Joom, etc, used on this site, is used under a limited license granted by Open Source Matters. JoomlaXT! is not affiliated with or endorsed by Open Source Matters or the Joomla! Project.