A Few Basic Security rules

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
User avatar
PhilD
Joomla! Hero
Joomla! Hero
Posts: 2737
Joined: Sat Oct 21, 2006 10:20 pm
Location: Wisconsin USA
Contact:

A Few Basic Security rules

Post by PhilD » Sat May 21, 2011 10:13 pm

If a person follows these few simple rules the majority of site hacks will not happen.

1.) Use a decent hosting provider. Cheap is not necessarily bad, and expensive is not necessarily good. Do your research. Take a few minutes to search for and read comments and reviews left by other users.

2.) If you don't need it for your sites functionality then don't install it. If you do need it for your sites functionality, take a few minutes to search for and read comments and reviews left by other users of that software to make sure you’re not getting more than you bargained for by installing the software.

3.) If you installed it then keep it updated. The hackers are constantly looking for outdated, security compromised software to exploit. Save yourself a lot of work, and don't become a statistic, update!!

4.) If you no longer need it for your sites functionality, then remove it. This includes any files that may be left behind after uninstalling extensions. It is easy to forget about things no longer in use. Remove those things before a hacker finds them for you! You can always reinstall it if needed later.

5.) Back it up and test those backups to make sure they work properly before you need them, not when you need to depend on one.

6.) Avoid updating software on your laptop or other mobile device while you are using a wired or wireless network that is untrusted and public. This means those free (and paid) Wi-Fi networks like those that are available in hotels, and coffee shops, public libraries and so on. Also avoid updating software using a tethered connection through your smart phone. Many laptops, phones and other mobile devices will automatically switch over to available Wi-Fi networks if the 3G/4G signal dies. Malicious software could be downloaded while using such untrusted networks and connections and infect your laptop or mobile device (tablet) and thus infecting your website(s) or stealing passwords used for website access.

Yes, there are many things one can add, but they pretty much all fit into these few rules.

If your not willing to follow these few rules, then hire someone who will follow these rules. Everyone will be happier in the long run.
PhilD

Locked

Return to “Security in Joomla! 1.5”