Latest Blogs
-
Tips to Keep Your Joomla! Website Secure
Joomla is a popular Content Management System (CMS) that is used by thousands of people across world. If you own Joomla sites, it is important for you to take the necessary and practical steps to protect them from the most common security holes, malicious attacks, hackers, and spammers and help keep your site safe and secure.
Here, we provide you with some simple hints and tips to optimize Joomla! security
1. Make sure your Joomla site is kept up-to-date
If you leave your website without updates for a long time, the potential chance of being hacked will increase accordingly. Older versions of Joomla usually contain security holes, vulnerabilities and bugs. Therefore, with the installation of the latest Joomla version, they will be fixed and resolved with the latest fixes and security patches. Keeping your site up-to-date, the risks of attack will minimize.
2. Ensure that you are not using out-of-date and vulnerable extensions and only install reliable and community-trusted extensions
You need to make sure that you always have and update the latest version of the extensions whenever there’s a new one. Keeping your Joomla extension up to date both helps improving security at high level and makes your joomla run faster.
Besides updating Joomla extensions, using trusted extensions is the important part of securing your Joomla website. Before installing any extension, you should check: how many people downloaded/reviewed the extension. If the number is small, you should find another one instead. Don’t forget to see the reviews by other users. Do they complain about security issues about the extensions?...
Lastly, cleaning up unused extensions also can eliminate unseen vulnerabilities and help speed up your joomla too.
3. Use strong username and password for login details and change your passwords regularly
You need to use unique username and password, especially, pay attention to your password. Instead of choosing random passwords, a safe password consists of at least eight characters and includes letters, capital letters, numbers and special characters. You should avoid personal information in passwords like your personal or family name or birthday which is guessed easily. Not only to choose a secure password but also change them regularly including: the password of the “admin” user, the FTP password, the MySQL password, the hosting password (e.g. the cPanel password).
4. Change the default Joomla database table prefix
When you're installing Joomla, you had better change the table prefix for the database Joomla uses from the default value. But if you skip this part and move to the installation, you still can easily change the prefix by clicking the 'Database Table Prefix Editor' button, it will open the Prefix Editor and display your current database prefix along with automatically suggesting a new one (although you can override this with your own preferred prefix). Simply click the 'Change my prefix' button to immediately perform the change, helping prevent any potential hackers from trying to access tables in the database.
5. Use a SEF component that makes your Joomla more secure
As you know, a SEF component is used to make your Joomla url get a higher rank in Search Engine Friendly. But a good SEF component can do more than that, it also increases security for your Joomla. Using a SEF component to re-write your URL's will prevent hackers from finding the exploits.
- Login into the Administration area
- Click on “Site/Global Configuration”
- Click on the “Site” tab
- Select "Yes" next to Search Engine Friendly URLs
You can click here to see SEF components
6. Install security extensions
Joomla! security extensions (website firewall) assist to protect your Joomla! website from intrusions and hacker attacks. There are several additional extensions that you can view and download from the Joomla Extensions Directory. You can search and install a suitable and highly recommended one to increase your sites security.
Click here to view security extensions
7. Disallow User Registration
If your webpage isn’t a community or social network, you should disallow user registration for security reasons by following these steps:
- Login into the Administration area
- Go to "Users/User Manager" and find the Options tab at the top of the page
- You will see the option "Allow User Registration", and then set “No” for “Allow User Registration”
- Click “Save” button
8. Use a secure web host
A good host will ensure your site safe. You need to check your hosting provider is using the latest version of PHP, Apache, MySql, phpMyAdmin, and cPanel. Contact to your server to update them.
9. Change the default permissions on your Joomla .php files to restrict editing or overwriting
You can set permissions on some important .php files to control what other people can do with your files, also to make it harder for hackers to overwrite your files:
- Set the permission of /index.php to 444
- Set the permission of /configuration.php to 444
- Set the permission of /templates/*yourtemplate*/index.php to 444
- Set the permission of the folder /templates/*yourtemplate*/ to 555
10. Change your .htaccess file
Adding .htaccess file to block out database and some common file exploits.
11. Disable the FTP Layer
For the majority of Joomla installations the FTP layer is not required, so we recommend that you disable this.
- Login into the Joomla administration
- Go to “Site/Global Configuration/Server”
- In “FTP Settings”, select “No” for the “Enable FTP” option.
- Click on the “Save & Close”
12. Do not allow users to upload scripts to your website
Allowing a user to upload files or scripts to your website is like opening another door for a malicious file to compromise your server. Although uploading files is a necessity for any web application with advanced functionality, you should take caution and think carefully. If you feel scripts necessary for your website to have a feature, ask some Joomla security experts for advice if it should allow people to upload them.
13. Review the joomla security checklist
Joomla Security Checklist will allow your site to be always protected. It is good to review and follow the hints and steps in checklist to keep your Joomla site secure.
You can have a look at this link for more information about security checklist from Joomla
14. Run a vulnerability scan
Vulnerability scan analyzes and helps to search and eliminate security vulnerabilities of applications, installed on your computer, and in operating system settings.
Here is some vulnerability scans you should know
15. Setup a backup and recovery process
Take time to make a strong backup and recovery protocol for your live website. Having a full backup of your website is important to the recovery process.
You don't need to create a full backup often. Because Joomla stores all the data you create in a database, you only need to do it when you've installed or updated extensions.
If you find this post helpful, please take action by clicking the social media share buttons to like and share it. Also do you have questions or comments about optimizing your Joomla website secure? Let me know in the comment section below.
Thanks for sharing!
About the author
Most Popular
"What is the best font to use with FLAT UI Design?" This seems to be a big question when it comes to Flat design.43455 Hits
As you know, Css Hover Effect plays as an important role in developing a website.In this post, I would like to give you some best free css hover effects which can help your site become more attractive...16817 Hits
The importance of fonts for a WordPress website is undeniable because different fonts have different levels of readability, reader friendliness, and different personality and style affecting greatly t...13079 Hits
A gallery to display your photos will decorate your webpage and can surely make it look more professional and lively. There are numerous Joomla! photo gallery extensions out there, and choosing a righ...10486 Hits
Nowadays, owning a website is an efficient way to not only show the world what services you're providing, but target more potential clients, as well as improve readership. Joomla is a free and pr...7566 HitsTag Cloud
Expectation One page wordpress theme Design Non-profit Website performance Joomla! 3.6 Lifetime package Film theme Business template New home Lunar new year Plazart framework Tag Tz google map Ghana Christmas 2018 Google search box Free translation plugins Loading css Catchy title Jollyness Multipurpose 9fashion Blog comment Maniva Joomladay Newversion 2015 Band Change name Error Bug fix release Decompress Background image gutenberg Joomultra Support Wedding Category list Join Recaptcha Posts Multilanguage website Animation Kunena Facebook access token Joomla article OneClickInstall Mendoza wordpress theme Car theme Variations Tz portfolio E4j Hikashop Modules Template right click Foodz Wordpress 4.5.2 Paragraph Building 2017 Musicband Layout Christmas Video One Page Multipurpose onepage Google authorship Working topic Best Migrate Florida Cyber monday Jwc2016 Okno Booking Art Gallery Card Wordpress sites URLs Easter day Difference April update SummerSale Search tool gallery Clubs LawyerJustice Xss Deal Meetup joomla template Agency Beta version Dino Seo ninja TZ Portfolio+ Pro Slideshow Spa free plugins WordPressthemes Tz portfolio plus Joomla Google map Eventory Memorial day Joomla 3.5 live chat plugins Forget password link Themes Fashion Translation Gnad park Joomla day Music Construction Blog post Pdf kavin ii Designer Calendar Meetup Gallery plugins 2-9 Niory Split screens Install Purchase TZPortfolio Ipage Tz map Joomla 3 page builder plugins Social sharing plugins Payment gateways Optimization NewAge Sef component Unzip Instagram China Bug-fixes One page Writing editors Font Night club Joomlashine The best porfolios Joomla 3.7.x amita 3.4.6 Joomla day uk Wordpress updates Graphic vector Astroid Framework Netherlands how to Support system Partnership Seo File management Subcriptions Fancy search Oraz Kavin II External links Wedding Fuchsia Version Ui kit Bootrap Wordpress tutorial Writers Creative Easter Day Hover May update Young fitness Overview Loadmodule New position 3.7.1 Uninstall plugins Events Security vulnerabilities Pre-loading New wordpress Everline Food User interface Malaysia Sitelinks Articles Copywriting May Day Plazart 5.5 Updates Tips Tools Attorneys Summer sale Nicanian ii Copy style Wedding fuchsia Forum Joomla extensions Wordpress Birthday Captcha New release Pricing Addon Dribbble invitation Extensions Effective copywriting Lawyer justice Discount SPPageBuilder Free slideshow module Vulnerability Passwords Boost conversion web design trends 2019 Austria Onepage Username Special sale Festival Event template Marketing website Tet holiday Http Nishii Lania Free backup plugins Page builder Templaza Portfolio event themes Wordpress theme Flat font Host1plus joomla templates Gym Fitness Loader Astroid Icon Only 01 day 4years Insert December releases Home Boat Sale off Trends Translation plugins Reasons Copy Joomla roadmap Best fonts Joomla 3.x fonts Likes App Joomla 3.4.8 Joomlamodule Black friday FundRaising Joomla extension Latest Testing Zopim Editor Everline joomla template Exception Usability J2store Jooma contact form Photo template Templaza birthday spam Resonsive Developer package Version 1.1 Free effect Freethemes interior design Space home Sitemap Membership Wpml anti-spam Architecture Simple love Wordpress themes India Big sales Yoast Instagram API Announcement access token Vulnerabilities image protection Online reservation Nicanian i Parallax Jomres Custom work link expired Joomla festival Aventura Marketing online Update Membership packages Backup plugins Introduction Payment Conversion Event Calender Joomla template plazart Musika Templates XMLSitemap Infographic WEDDING FUCHSIA Subcription Multilingual wordpress site 10k E-commerce 30% off Jooma 4 Timeline NGOs Best theme Extension Personal blog Fanpage Joomla 1.7 Joomlatemplates Joomla tutorial Presets Access token tzmovingletters Valentine Wordpress seo by yoast Music band Easter holiday wordpress themes Optimize images language override Multilingual 5000 Group Members Blog event templates Donation Mendoza Contact 10th interior themes Tour booking Kuala lumpur Acymailing wordpress plugins Index word Tz plus gallery Gems ui kit Layers wordpress theme Web design trends 2016 Joomla3.9 40% New service TZ Portfolio+ Tz_video Ticket Space film Install Wordpress plugins Education template Child template Moscow Create database Php version Easyblog Psd Load module Flat ui TZPortfolio+ How to autoshowroom rental Multilingual site Jwc2017 Gallery extensions Joomla 3.7.3 Load position Elearning theme Suggestions Auto showroom theme Other vehicle site Event Release candidate New year Best themes Envato Joomla site Jaguarian DemoContent Plugins Everline wordpress theme Joomla! 3.5.1 Google Summer of Code Shoot Free icon Invitation News Bootstrap 4 Off sale Showcase Jollyany3.0.4 Wordpress seo plugins disable gutenberg Web designs Keywords Joomla 3.7 Flat ui design Music templates Version 3.1.7 Discounting Interiart Photograpy Search engines Non-profit organization Fashion junkie ui kit elementor Create module Events and conference templates Ui shopping kit Charity template Optimize loading time 404 page Joomla event Tet Meta description Security facebook token Joomladay paris 20% Responsive template Simple ui kit visual composer Joomlaforce Readers Tempplaza web design covid19 Photography agency 90% interior theme Joomla 3.6.2 Robotic ui kit Team-up Xmas 2015 Big off wordpress 5.0 Virtuemart Jvisual content 30% discount Free font Discount program Multivariate Fitness Lifemag Ab testing automotive themes Multipurpose wordpress theme Typography Web-design in 2018 USA Independence Day Lunarnewyear Music Addon font combinations Website Jollyanyframework SaleOff Exclusive Shop Internal search pages Blogplaza Eventory theme Username and password links Semona Folia ui kit Login form Joomla website Awardspace Security release Specialoffer framework disable right click Event & conference themes Ethic template Use Portfolio templates Best joomla template Image optimization Preview module position interior website All in one Freebie Halloween Bike shop Ghost buttons Flat design Charity New feature Trend Jevent Henry Theme collection Up to 35% discount Update safely Off support Limitedsupport Shopify Coding workflow 3.7.4 Auto Showroom autoshowroom Rs joomla Member site Joomla 3.8.x Fashion semona Tz gallery plus Free icon font Virtuemart 3 Architect January sale Hover effect Russia 50% off Interior template Tz plus gallery pro Freefont Media type Joomla3.9.x Update wordpress sites Joomla birthday Super sale Steps Responsive theme Limited support Joomlaextensions Joomla template Personalbundle Joomla 3.6 Price Collection Version 3.0.12 Lifemag wordpress Extra field termofuse Wordpress 4.5 Bloggers Seo ultimate Liona wordpess theme Logistics Thanksgiving Category Discount event Joomla 2.5 socialgallery Beta 3 Top commenter Free templates Multilingual plugins Booking website Car shop Drinks Decorataion Car Dealership Cpanel Templaza themes google fonts Latest themes Semona agency joomla Loco translate Rome Themeforest Quickstart Web design help desk plugins Megamenu Jwc2015 Booking system Travel booking Thanksgiving day 30% discounting Sale Topics Plazart 5.0 Components Falang 8 days left Social media Css 1040 Night Club Joomla module Solidres Bt google maps Course Sign up Liona joomla template Layers wordpress Joomla responsive template Lawyer Vdesk LawFirms New year 2016 Web security The space 2016 Https August Magazine Theme Visual composer Free plugins Customer Magazine wordpress theme Loadposition FreeTemplates May day lunarnewyear2019 Dekor Joomla 3x Icon font 50% Seo pressor Templaza membership Translate themes wordpress plugin K2 Photo shutdown Speed up Custom html Version 1.3 Bangalore Ideas Free Subscription Ecommerce Xmas Responsive Supper sale labor day 30% OFF Joomla 3.4.7 Blog themes Free extension Font design Film campaign Free help desk extension 3.7 Interior theme Meloul Images Drunk drunk Jollyany3.0.3 Seo plugins Kavin Jollyany Kids care Dribbble Wordpress plugins imagegallery Features Music Theme Newyear2020 Membership subscriptions Translate Wedding event Protection Labour day Conference themes Google+ content spam Responsive joomla template Titania Profiler World travel ii GSoC Bike sport New Year 2019 memberships Coupon Jwc Fullscreen Joomla templates Niory template Archives Education wordpress theme Social sharing All subscriptions Upcoming release Script Frontend Editor Italy Hapy new year Basic newrelease Salons Updated Html Prettyphoto Ethic wpbakery page builder Css editor Seo friendly
