Joomla is an open-source CMS, it is supported and maintained by millions of Joomla users around the world. Though it is not easy to hack a Joomla website, because of its robust security features, but at times due to the negligence on part of developers the website becomes vulnerable to hacking.
Streamlining Python Development: A Guide to a Modern Project Setup
10 Tips to secure your Joomla website from hackers
1. 10 Tips to secure your
Joomla website
By convergence IT Services
https://support.convergenceservices.in/
2. What are we going to see here?
Why your Joomla website got hacked?
10 ways to prevent Joomla website
hacking
Who are we?
Contact us
3. Why your Joomla website got
Hacked?
Joomla is an open-source CMS, it is
supported and maintained by millions of
Joomla users around the world.
Though it is not easy to hack a Joomla
website, because of its robust security
features, but at times due to the
negligence on part of developers the
website becomes vulnerable to hacking.
4. 10 ways to prevent Joomla website
hacking
Keeping hackers at a distance is not a
rocket science but at the same time it
should not be overlooked. Next 10 slides
shows some of the common yet least
understood reasons to why hackers
sometimes become successful to hack
Joomla websites.
5. 1. Change the default database
prefix (jos_)
Hackers are different breed they do all
they can to hack websites and one of the
most common way is to write code that
will try to retrieve data from the
jos_users table. This helps them to
retrieve all the username and password
from the super administrator of the
website. To safeguard your website from
such attack it is highly recommended to
change the default prefix to random
prefix.
6. 2. Keep your Joomla version
updated
Joomla CMS regularly releases its updated
version by removing the existing bugs, and
adding enhanced security features. Keeping your
website up-to-date with the latest version can
fix many of the vulnerability and keep your
website safe. Though it is quite a task to keep
on updating to the latest version when you have
plenty of extensions like components, plugins,
templates, modules and languages to upload but
all the effort is worth to ensure the security of
your website.
7. 3. Change your .htaccess file
Joomla CMS by default has write
permissions to .htaccess file since joomla
has to constantly update it when you are
using SEF or Search Engine Friendly url.
Due to this your website becomes
vulnerable for attacks so it is advisable
for you to set your .htaccess permission
to somewhat 444(r-r-r-) or maybe
440(r-r--) or something similar.
8. 4. Get away with old extensions
and Remove leftover files
Keep your extensions up-to-date, remove the
old and unsupported extensions and find a
suitable alternative to it. Many times it
happens that you have installed an extension
but due to some reason you don’t like it or it
does not serve your purpose, what you do?
Keep it unpublished, or let it be there
forever? This is very close you can come in
compromising your website. All you need to
do is use a simple and harmless uninstall
feature, get rid of those unwanted
extensions and heave a sigh of relief.
9. 5. Remove version number and
name of extensions
You are a developer and you must know
the ABC of Joomla security yet how many
times you have slapped your hand to your
head in dismay to know that you forgot to
remove the version number and name of
extension giving easy entry to hackers.
It’s better late than never. If you have
not done this do it right away.
10. 6. Do not give write permission
on your *.php files
This is another reason why hackers
exploit your website. Giving write
permission on your Joomla *.php files
can be a very reason why Mr.Hacker visit
your website and hack it effortlessly.
You should always take an effort to set
the permission of all you *.php to 444.
11. 7. Do not give execute
permission on public directories
We become so much engrossed with our creation
that we forget something very basic and
important to keep hackers at bay. One of these
is giving execute permission on Public
directories. These directories let users to
upload their files and if the directories allow
scripts to run and if that script turns out to a
malicious then it becomes easier for hacker to
get the website infected. Just give a permission
of 766 on all public directories and reduce the
chances of hacking your website.
12. 8. Do not give all possible
permission to the database users
After setting up the Joomla website it is
important that a database user should
not be given all the possible permissions
like
INSERT
rows,
UPDATE
rows, DELETE rows, CREATE tables etc.
Joomla database user should be given
only necessary permission to keep the
risk of hacking through vulnerable exploit
to minimum.
13. 9. Hacking through your
vulnerable web-server
Most of the time developers go by rule book of
Joomla website hacking, which does not mention
that sometime going for cheap and unreliable
web-hosting can be the reason. Just to save few
dollars users sometimes opt for cheap webhosting service provider and compromise on
their website security. When all is said and
done, this is very easy to solve all you need to do
is change your web-hosting services provider
and cheer up.
14. 10. Thinking you are
invincible
Whether you are a small business or a
large multi-billion dollar conglomerate you
are never safe unless and until you make
these measures as your routine exercise.
Hackers are lurking everywhere finding
vulnerability to the websites to hack it.
Your crucial data, financial details and
private information will be in peril if we
don’t give heed to the wisdom of Joomla
website security. As the age old proverb
goes, “Prevention is always better than
cure” still hold true today.
15. Who are we?
We are Convergence IT Services, software and
web development company our exclusive website
maintenance services Convergence support
Desk offers you various Joomla and other
website maintenance service plans. Loaded with
tons of features and backed with expert team
members this service allows your business to
scale and flourish.
16. Contact us
Call: 022-2513 6632
Mail: contact@convergenceservices.in
website: support.convergenceservices.in