We always tell you about how important it is to do a good security maintenance on your website. Joomla is the second most used content manager in the world. So, it is a must to take care of your Joomla security.
Whether you manage your own website or manage your customers’ websites, carrying out these security tips can save you a lot of time and money. But above all, it will help you to protect your brand or that of your customers in front of your customers or his/her customers.
7 basic security tips for your Joomla
How to get your Joomla away from malware, virus and hacker infections?
Update Joomla and all its components
Like any CMS and its components, Joomla has constant updates. In many cases they include security patches for detected vulnerabilities.
On average Joomla releases new updates every two months and more often in the case of security patches. Joomla itself and most of its components show you when they need to be updated. And if you want to have everything centralized and receive notifications, one of the features of the Detect and Clean and Clean and Protect plans is to inform you about the security vulnerabilities of your Joomla, its components and how to solve it.
Joomla Backups
Having a backup of your Joomla is the most basic point in maintaining security. Making backups automatically is critical to being able to minimize the impact of a malware infection or attack. You may have deleted content from your website, but even if that is not the case, you will need that copy of your Joomla during the cleaning process.
It is important to have a clean copy of your website. In Joomla you have several very simple alternatives to make periodic backups like the Akeeba Backup extension.
Protect Joomla files and folders
It’s a basic tip, so the recommended Joomla permissions are:
- All files in 644
- /configuration.php in 640
- All folders in 755
Stay with only the necessary
Delete everything you do not use: old templates, extensions or backups. It is imperative that your Joomla website only contains the things you use. Any additional component or extension is an unnecessary vulnerability.
Joomla admin password
It may seem obvious but weak usernames and passwords are one of the main reasons hacking a website. There are very advanced and automated methods to find out the credentials of any web. Using strong passwords is more than necessary.
For example, using names like ‘admin’ or simple passwords where letters are changed by numbers are the first things a hacker tries to access a website. It can be cumbersome to remember all the passwords. However, today there are tools like KeePass that securely store all your passwords.
There are also solutions, such as our firewall service included in one of our plans, that block brute-force attacks on your website.
Do not share access data unsafely
Another common mistake is to share the data in an insecure way. For example using media such as mail or even in forums. The credentials of your Joomla must be totally private and shared only by secure means in case it is totally necessary.
If you also create new users, and even more so if they are administrators, remind them to change their Joomla access password right away. Regardless of the medium in which you have passed the credentials.
Choose your hosting
Make sure about your hosting conditions and security measures. Especially if you use a shared hosting (even if you have a server or VPS for you with several Joomla yours inside).
0 Comments Leave a comment