Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Tips to secure your joomla site


Published on

Enuke joomla web development company india having expert custom joomla modules developer. Providing joomla web maintenance service, custom joomla website at very low development cost in Gurgaon.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Tips to secure your joomla site

  1. 1. Tips To Secure Your Joomla Site
  2. 2. About Joomla A Joomla Web Development framework is one of the key contestants in the open source market for supple CMS. Joomla framework aids to put up the most resourceful websites packed with oodles of features that is swaddled in all categories of populace. Joomla has a collection of built-in features. It also has a large choice of extra modules and propels that it will amplify the meriting of the designed website
  3. 3. Merits of Joomla webdevelopment framework: Variety of plug-ins Unstrained to utilize drop down menu features Freely reachable template themes Easiness of update Simplicity of other module assimilation Ease of customization Make over of Joomla community to respond for any query
  4. 4. Tips1:Proper Hosting Environment A properly configured server for your joomla website. Host your site on a server that runs PHP in CGI mode with su_php. PHP runs under your own account user instead of the global Apache user Dont need to set insecure global permissions like CHMOD of 777.a. Set register_globals OFFb. Disable allow_url_fopenc. Adjust the magic_quotes_gpc directive as needed for yoursite. The recommended setting for Joomla! 1.0.x is ON to protectagainst poorly-written extensions. Joomla! 1.5 ignores thissetting and works fine either way.d. Dont use PHP safe_mode
  5. 5. Tips 2: Change the Default Database Prefix(jos_)  While installation, change the default database prefix to something random. This will prevent most of the SQL injection attacks as hackers try to retrive superadmin details from jos_users table.
  6. 6. Tips 3: Disable FTP Layer While installation, dont enable the FTP layer as it opens up a potential security hole since your FTP details are stored in plain text under a Joomla! configuration file. FTP layer is not required if your hosting is secured and configured properly for Joomla.
  7. 7. Tips 4: Changesuperadministrator username After installation, change the username for the super-administrator. By default, its admin. So change it something like ravi.chamria so that the username/password combination becomes difficult to guess or crack.
  8. 8. Tips 5: Strong Password Always use strong password like E@^M!$<9@k. In apache web server, you can do this htaccess file or in cpanel.
  9. 9. Tips 6: Enable SEF URLs Most hackers use the Google inurl: command to search for a vulnerable exploit. So enable SEF urls from site configuration if you are using Joomla 1.5. Use extensions like SH404SEF for both Joomla 1.0 and Joomla 1.5.
  10. 10. Tips 7: Proper file/folderpermissions  The proper file/folder permissions for your joomla website is: * PHP files: 644 * Config files: 666 * Other folders: 755You can CHMOD the files and folders using your FTP client.
  11. 11. Tips 8: Setup a Backup andRecovery Process  Always rely on a strong backup and recovery protocol for your live website.  Its not just hacking that may compromise your website but other factors like a faulty upgrade or extension install, hardware failure, hosting provider issues.  You can use JoomlaPack, a non- commercial component native for both Joomla 1.0 and 1.5 for backup.