Security Concerns

[acepp]

i was just wondering how secure Joomla 1.0.2 actually is?
does anyone no of any security issues or concerns about the CMS?
how secure are the folders and files?
how secure is the database?
what security precautions can users take to ensure their site does not get hacked or that private information from their site doesnt get accessed?
are all CMS's prone to such security issues?

[Robin]

Mod note, moved to correct forum: Joomla, General Questions >> Joomla, Security & Performance

[acepp]

anyone got any input?

[brad]

1.0.2 is much more secure than the current Mambo version, however 1.0.3 will be out soon to address a few left over/newer security issues. Subscribe to the announcement forum to be notified when it is released: http://forum.joomla.org/index.php?actio ... ;board=8.0

[acepp]

thanks.
im looking forward to 1.0.3 release.
i guess im a liitle concerned with the several people who have posted that they have had their websites hacked.
i was wondering how people manage to hack into them and if there any precautions i can take so it doesnt happen to.

[Tonie]

Almost every hack that I know of, isn't caused by Mambo. Most of the leaks are because of security issues within PHP, Mysql or Apache on servers that haven't been patched to the latest stable version.

[acepp]

cool.
so as long as you have the latest software you'll (hopefully) be okay... yeh?

[Tonie]

This is normally the case, yeah. On the other hand, there is always a small risk involved when updating/upgrading software. I normally don't update systems when there aren't any security concerns and everything runs without problems.