Updated server software
PHP, MySQL, Apache, FTP Server...

Permissions & ownership
Who can do what and where

Sane ownership & permissions
All files and folders owned by the FTP user
Use Joomla!’s FTP mode on shared hosts
Folders 0755 permissions • Files 0644 permissions
If you “must” use 0777 (don’t!), protect with .htaccess
    order deny,allow
    deny from all
    allow from none
Better yet, use suPHP or FastCGI

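As an added example (not part of the original presentation), a POSIX shell function that audits a web root against the rules on this slide: single owner, folders 0755, files 0644, nothing world-writable. The function name `audit_perms` and its output labels are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example: audit a site's web root against the slide's rules.
# Usage: audit_perms WEBROOT [OWNER]
#   WEBROOT  directory holding the site (for example the Joomla! root)
#   OWNER    user name or numeric uid that should own everything (optional)
# Prints one line per finding. Returns 0 when clean, 1 on findings, 2 on bad input.
audit_perms() {
    root=$1
    owner=$2
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    findings=$(
        # Anything writable by "other" (0777, 0666, ...). Symlinks are skipped
        # because their own mode bits carry no meaning.
        find "$root" ! -type l -perm -0002 -print | sed 's/^/WORLD-WRITABLE /'

        # Folders that are not exactly 0755 (world-writable ones reported above).
        find "$root" -type d ! -perm 0755 ! -perm -0002 -print | sed 's/^/DIR-NOT-0755 /'

        # Files that are not exactly 0644 (world-writable ones reported above).
        find "$root" -type f ! -perm 0644 ! -perm -0002 -print | sed 's/^/FILE-NOT-0644 /'

        # Entries not owned by the expected (FTP) user, when one was given.
        if [ -n "$owner" ]; then
            find "$root" ! -user "$owner" -print | sed 's/^/WRONG-OWNER /'
        fi
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Run directly as: sh audit.sh /path/to/webroot ftpuser
[ $# -gt 0 ] && audit_perms "$@"
```

The exit status makes it usable from cron or a deployment check: a non-zero result means at least one entry deviates from the ownership or permission rules.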
Too much to remember?
Akeeba Backup User’s Guide, Security Information
https://www.akeebabackup.com/documentation/akeeba-backup-documentation/security-info.html
777: The number of the beast
http://www.dionysopoulos.me/blog/777-the-number-of-the-beast

A terrifying thought
Password hacking super-computer: 2,700 USD
(back in 2010; much cheaper now)

How safe is your password?
Password                        Bits    Iterations  Time to crack
15082005                        13,6    12416       0.00038 msec
admin                           15,9    61147       0.00185 msec
ortrtaortftaaidbt               67,7    2,39e+20    228.95 years
0rtrTA0rtfTa&idbT               88,2    3,55e+26    340 million years
horse correct battery stapler   107,2   1,86e+32    178179 billion years

We’ve got instructions
Unhacking your site
https://www.akeebabackup.com/documentation/walkthroughs/item/1124-unhacking-your-site.html
You do have backups, right?
You did use myJoomla.com, right?
Make sure you read the instructions before getting hacked.

Download this presentation
http://akeeba.info/asjd13bih

Thank you for listening!
Image credits for copyrighted images: sxc.hu; istockphoto.com
Copyrights of the logos and screenshots of software displayed in this presentation are owned by their respective companies