Latest Blogs
![[Important] Limited support on Lunar New year holidays 2020](http://www.templaza.com/images/easyblog_articles/588/b2ap3_large_limited-support-lunar-new-year.png)
-
Tips to Keep Your Joomla! Website Secure
Joomla is a popular Content Management System (CMS) that is used by thousands of people across world. If you own Joomla sites, it is important for you to take the necessary and practical steps to protect them from the most common security holes, malicious attacks, hackers, and spammers and help keep your site safe and secure.
Here, we provide you with some simple hints and tips to optimize Joomla! security
1. Make sure your Joomla site is kept up-to-date
If you leave your website without updates for a long time, the potential chance of being hacked will increase accordingly. Older versions of Joomla usually contain security holes, vulnerabilities and bugs. Therefore, with the installation of the latest Joomla version, they will be fixed and resolved with the latest fixes and security patches. Keeping your site up-to-date, the risks of attack will minimize.
2. Ensure that you are not using out-of-date and vulnerable extensions and only install reliable and community-trusted extensions
You need to make sure that you always have and update the latest version of the extensions whenever there’s a new one. Keeping your Joomla extension up to date both helps improving security at high level and makes your joomla run faster.
Besides updating Joomla extensions, using trusted extensions is the important part of securing your Joomla website. Before installing any extension, you should check: how many people downloaded/reviewed the extension. If the number is small, you should find another one instead. Don’t forget to see the reviews by other users. Do they complain about security issues about the extensions?...
Lastly, cleaning up unused extensions also can eliminate unseen vulnerabilities and help speed up your joomla too.
3. Use strong username and password for login details and change your passwords regularly
You need to use unique username and password, especially, pay attention to your password. Instead of choosing random passwords, a safe password consists of at least eight characters and includes letters, capital letters, numbers and special characters. You should avoid personal information in passwords like your personal or family name or birthday which is guessed easily. Not only to choose a secure password but also change them regularly including: the password of the “admin” user, the FTP password, the MySQL password, the hosting password (e.g. the cPanel password).
4. Change the default Joomla database table prefix
When you're installing Joomla, you had better change the table prefix for the database Joomla uses from the default value. But if you skip this part and move to the installation, you still can easily change the prefix by clicking the 'Database Table Prefix Editor' button, it will open the Prefix Editor and display your current database prefix along with automatically suggesting a new one (although you can override this with your own preferred prefix). Simply click the 'Change my prefix' button to immediately perform the change, helping prevent any potential hackers from trying to access tables in the database.
5. Use a SEF component that makes your Joomla more secure
As you know, a SEF component is used to make your Joomla url get a higher rank in Search Engine Friendly. But a good SEF component can do more than that, it also increases security for your Joomla. Using a SEF component to re-write your URL's will prevent hackers from finding the exploits.
- Login into the Administration area
- Click on “Site/Global Configuration”
- Click on the “Site” tab
- Select "Yes" next to Search Engine Friendly URLs
You can click here to see SEF components
6. Install security extensions
Joomla! security extensions (website firewall) assist to protect your Joomla! website from intrusions and hacker attacks. There are several additional extensions that you can view and download from the Joomla Extensions Directory. You can search and install a suitable and highly recommended one to increase your sites security.
Click here to view security extensions
7. Disallow User Registration
If your webpage isn’t a community or social network, you should disallow user registration for security reasons by following these steps:
- Login into the Administration area
- Go to "Users/User Manager" and find the Options tab at the top of the page
- You will see the option "Allow User Registration", and then set “No” for “Allow User Registration”
- Click “Save” button
8. Use a secure web host
A good host will ensure your site safe. You need to check your hosting provider is using the latest version of PHP, Apache, MySql, phpMyAdmin, and cPanel. Contact to your server to update them.
9. Change the default permissions on your Joomla .php files to restrict editing or overwriting
You can set permissions on some important .php files to control what other people can do with your files, also to make it harder for hackers to overwrite your files:
- Set the permission of /index.php to 444
- Set the permission of /configuration.php to 444
- Set the permission of /templates/*yourtemplate*/index.php to 444
- Set the permission of the folder /templates/*yourtemplate*/ to 555
10. Change your .htaccess file
Adding .htaccess file to block out database and some common file exploits.
11. Disable the FTP Layer
For the majority of Joomla installations the FTP layer is not required, so we recommend that you disable this.
- Login into the Joomla administration
- Go to “Site/Global Configuration/Server”
- In “FTP Settings”, select “No” for the “Enable FTP” option.
- Click on the “Save & Close”
12. Do not allow users to upload scripts to your website
Allowing a user to upload files or scripts to your website is like opening another door for a malicious file to compromise your server. Although uploading files is a necessity for any web application with advanced functionality, you should take caution and think carefully. If you feel scripts necessary for your website to have a feature, ask some Joomla security experts for advice if it should allow people to upload them.
13. Review the joomla security checklist
Joomla Security Checklist will allow your site to be always protected. It is good to review and follow the hints and steps in checklist to keep your Joomla site secure.
You can have a look at this link for more information about security checklist from Joomla
14. Run a vulnerability scan
Vulnerability scan analyzes and helps to search and eliminate security vulnerabilities of applications, installed on your computer, and in operating system settings.
Here is some vulnerability scans you should know
15. Setup a backup and recovery process
Take time to make a strong backup and recovery protocol for your live website. Having a full backup of your website is important to the recovery process.
You don't need to create a full backup often. Because Joomla stores all the data you create in a database, you only need to do it when you've installed or updated extensions.
If you find this post helpful, please take action by clicking the social media share buttons to like and share it. Also do you have questions or comments about optimizing your Joomla website secure? Let me know in the comment section below.
Thanks for sharing!
About the author
Most Popular
"What is the best font to use with FLAT UI Design?" This seems to be a big question when it comes to Flat design.34632 Hits
As you know, Css Hover Effect plays as an important role in developing a website.In this post, I would like to give you some best free css hover effects which can help your site become more attractive...13198 Hits
The importance of fonts for a WordPress website is undeniable because different fonts have different levels of readability, reader friendliness, and different personality and style affecting greatly t...9682 Hits
A gallery to display your photos will decorate your webpage and can surely make it look more professional and lively. There are numerous Joomla! photo gallery extensions out there, and choosing a righ...8997 Hits
Nowadays, owning a website is an efficient way to not only show the world what services you're providing, but target more potential clients, as well as improve readership. Joomla is a free and pr...5250 HitsTag Cloud
Templaza birthday Php version Beta 3 NGOs Eventory theme Updates Jollyany Video Joomla article Subcriptions Likes Maniva Fancy search Card Ab testing Magazine wordpress theme Install Wordpress plugins Event template Usability Collection One Page Band Joomla responsive template Beta version Load position Event & conference themes Multilingual plugins Coupon GSoC Musicband Cyber monday Non-profit Joomlatemplates Components Parallax 90% New feature Bootrap Blog themes Free help desk extension Responsive template Purchase Tips link expired Memorial day Niory Free extension Release candidate Drinks Sitelinks Plazart 5.0 Bangalore Lawyer Lunarnewyear Photography agency Wordpress updates Google map Limitedsupport Templates Google Summer of Code Visual composer Font Presets Shop Captcha Special sale Testing Dribbble Joomla tutorial Joomla website Seo plugins Tag New Year 2019 Tz plus gallery pro Vdesk Drunk drunk Search engines kavin ii Joomla! 3.5.1 Seo ultimate Lifetime package TZ Portfolio+ Car theme Online reservation Articles Font design Graphic vector Russia Sale off Virtuemart Loadposition Vulnerability Create module Joomla templates Optimization Super sale Ui kit 8 days left Fashion junkie ui kit Joomla 1.7 Jollyany3.0.4 Architect Instagram API Design Seo pressor Xss Username Music band Florida 40% Subscription Internal search pages Variations All in one 2016 Tet holiday Layers wordpress Nicanian i Http Event Christmas Reasons Top commenter Load module Bike shop Seo friendly Error New wordpress Jevent File management Astroid Framework Joomla event Multilingual site Loading css Jollyness Gallery plugins Music templates Meetup joomla template Space home Gnad park Version 1.3 Bug-fixes Themes 5000 Group Members Oraz image protection 20% Jollyany3.0.3 WEDDING FUCHSIA Tz portfolio OneClickInstall Price Bloggers E-commerce Joomla 3.x Ticket Kuala lumpur Translation Flat ui Ghana Other vehicle site Recaptcha Fitness Trend Extension Labour day Easter holiday December releases Photograpy Kids care Italy Solidres fonts Bug fix release Malaysia DemoContent Austria Gym Fitness Architecture Flat design Shopify Hapy new year Liona wordpess theme Best themes 50% off Jomres Only 01 day SaleOff Bootstrap 4 Script Wordpress tutorial interior design Version 1.1 Change name Joomladay Web design trends 2016 language override Free slideshow module Film theme google fonts Booking website Megamenu Infographic Posts Portfolio Photo template Passwords Search tool Template 2-9 Joomla extensions web design K2 amita Backup plugins Login form Security release Responsive New year 2016 May day The best porfolios Fashion semona 30% discounting Copy Optimize loading time Image optimization The space Slideshow Version 3.0.12 Custom html Lawyer justice Vulnerabilities Birthday Calendar Simple ui kit Dekor Payment Plazart 5.5 Marketing website Gallery extensions Prettyphoto New home live chat plugins Child template Xmas elementor Forum Free effect Decorataion Boost conversion Summer sale right click Space film Writing editors LawFirms Website Booking system Tools World travel ii wordpress plugin Coding workflow Editor App New position Contact Simple love Version Joomla 3.4.7 Free templates Henry Social media Kavin May update Freebie Astroid Free icon Web design Dribbble invitation Optimize images Invitation Big sales Theme Customer Membership packages Index word Photo Blog wordpress themes Images Icon Plugins Instagram 1040 Night Club Insert Install Freethemes Create database labor day Big off Jvisual content Ipage Okno Tet Multilingual wordpress site Kavin II Music Addon Ideas Education wordpress theme how to Facebook access token event templates FundRaising Acymailing Joomla 3.6 New release Halloween Translate themes Joomla! 3.6 Expectation Auto showroom theme May Day visual composer Joomla 3.4.8 Tempplaza Supper sale Sale Event Calender Forget password link Free backup plugins Free plugins Update Joomlaextensions New service 3.7.4 Readers Awardspace Rs joomla Suggestions Meetup Tz plus gallery Wordpress plugins Attorneys font combinations Aventura Category Extra field Wedding fuchsia Wordpress 4.5.2 Easter day Layers wordpress theme Blog comment 3.4.6 Joomla site Joomla3.9 Spa Robotic ui kit Effective copywriting Speed up Joomla template plazart Security Preview module position Translate Cpanel help desk plugins Gems ui kit Musika Flat font Mendoza wordpress theme One page 404 page News Responsive theme Joomla day uk Web security Lifemag Semona agency joomla Modules Lania Loadmodule WordPressthemes Joomladay paris Sitemap China Hikashop Joomlashine Member site Payment gateways Hover effect Tz map Introduction Migrate Joomultra 30% discount Salons Lunar new year Keywords Version 3.1.7 Moscow Interior theme Joomla birthday Off support Background image External links Access token Templaza membership Up to 35% discount Joomla3.9.x Liona joomla template Seo ninja Interior template web design trends 2019 Ethic template Typography Ethic USA Independence Day Falang Dino Host1plus Joomla template 10th Designer Shoot Difference Foodz Donation anti-spam Themeforest Joomla 3 Discounting Web designs Envato Joomla 3.7.x Discount E4j Clubs Multipurpose event themes Everline joomla template Support system Best theme Paragraph content spam New year NewAge Kunena One page wordpress theme Join Fashion Charity template Css editor Exception page builder plugins Construction Eventory Latest themes Multivariate Html Bike sport Pre-loading Custom work Creative free plugins January sale Business template Thanksgiving day Wordpress seo plugins Archives Folia ui kit Jwc2017 Everline wordpress theme FreeTemplates SummerSale Exclusive Art Gallery Templaza themes Copywriting Topics Everline Google search box Page builder Pdf Writers Building Web-design in 2018 Joomla extension Use Profiler TZPortfolio Events and conference templates Jwc2015 Plazart framework Joomla 3.6.2 Website performance Off sale Marketing online Joomla day Agency 2017 Meloul Yoast Working topic Wordpress sites Split screens Charity Best joomla template Jooma contact form Magazine Unzip Education template Virtuemart 3 Wordpress 4.5 Multilanguage website Joomla 3.7 India How to Overview Translation plugins memberships Best gutenberg disable right click spam Joomla festival Discount event Free translation plugins Showcase Tz gallery plus Media type Joomla roadmap Joomlaforce Wordpress themes 3.7.1 Wedding Black friday Icon font Wedding Fuchsia Loader Nicanian ii April update Rome Netherlands Decompress Onepage Sign up Multipurpose wordpress theme Ui shopping kit All subscriptions Layout Category list SPPageBuilder Multilingual Joomlamodule Timeline Extensions 4years facebook token Wordpress theme Team-up Uninstall plugins Zopim access token Css Update wordpress sites 3.7 interior theme Conversion Frontend Editor TZ Portfolio+ Pro Theme collection Wpml Resonsive Multipurpose onepage 10k Newversion Car shop Titania Lifemag wordpress Best fonts Elearning theme Username and password links Update safely Pricing Addon Templaza newrelease Wordpress seo by yoast LawyerJustice Security vulnerabilities Food 2015 Joomla 3.5 Features Support Niory template Quickstart Music Joomla 2.5 30% off Wedding event automotive themes Trends Easyblog Tz_video Portfolio templates Freefont Tz google map Blog post Animation Joomla 3x Limited support Social sharing lunarnewyear2019 Interiart Psd J2store Joomla module Ecommerce 50% Jooma 4 Joomla 3.7.3 Steps Logistics Free font Joomla Hover Booking joomla templates TZPortfolio+ shutdown Joomla 3.8.x 30% OFF Newyear2020 Copy style User interface Basic Free icon font Thanksgiving Ghost buttons Christmas 2018 Tour booking Updated Announcement Jaguarian Fanpage Young fitness Flat ui design wordpress plugins Google authorship Tz portfolio plus Course Https Membership subscriptions tzmovingletters Travel booking Music Theme Social sharing plugins Partnership Bt google maps Fullscreen wordpress 5.0 Non-profit organization Catchy title Deal disable gutenberg Responsive joomla template Loco translate Membership Subcription Google+ Xmas 2015 Mendoza URLs Jwc Protection Auto Showroom Personal blog Latest Sef component Easter Day 9fashion XMLSitemap Wordpress Semona Jwc2016 Discount program wpbakery page builder Blogplaza Night club Seo Nishii August Upcoming release Film campaign Developer package Meta description
