Blogging

Joomla Security- How to Secure Joomla Website from Hackers

Secure Joomla Website from Hackers

Joomla security is a primary concern for every Joomla website admin.Exclusive tutorial on how to secure your Joomla website from hackers.

Every day many websites getting hacked is your website running on Joomla, then make your website secure with following techniques.

Joomla is a popular CMS for this reason hackers try to hack your website frequently. Learn about Joomla security issues, extensions and how to fix them.

UPDATE JOOMLA AND EXTENSIONS

Always keep Joomla and it’s extensions up to date.Older versions files may have many bugs.In every new version of Joomla and extensions, the code will get clean and fix critical bugs to prevent your site from hackers.First Update Joomla to update version and also look on Joomla extensions to upgrade them to latest versions.

USE STRONG LOG IN CREDENTIALS

By default, the username will be Admin, which helps to hackers to easily hack your Joomla website.So prefer to use strong username and password.

Some of commonly used passwords and techniques to select a strong password :

1.Your Password should include special characters, Numbers and capital letters, so it’s very difficult to guess.

2.Don’t use commonly used words as your Joomla website passwords like 12345, Love, Oldpassword, Newpassword, querty,  iloveyou, monkey, 111111 ,123123 etc.

3.Don’t use your name and family name in the password.

FILE PERMISSIONS

Don’t allow users to upload files in your website or server.In your C panel use proper file permissions to prevent your website from hackers.

 

Image credits: Siteground

Recommended permissions to Joomla files, Folders and config PHP file:

  1. Assign 644 for Joomla files
  2. Assign 755 for Joomla folders
  3. Assign 444 for your Joomla website config.php file.

HTACCESS FILE

Edit .htaccess file to block some Joomla security issues.Add the following code snippets at the end of your Joomla .htaccess file.

########## Begin - Rewrite rules to block out some common exploits
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a < script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2}) [OR]
# Block out any script that tries to set CONFIG_EXT (com_extcal2 issue)
RewriteCond %{QUERY_STRING} CONFIG_EXT([|%20|%5B).*= [NC,OR]
# Block out any script that tries to set sbp or sb_authorname via URL (simpleboard)
RewriteCond %{QUERY_STRING} sbp(=|%20|%3D) [OR]
RewriteCond %{QUERY_STRING} sb_authorname(=|%20|%3D)
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

Use a Secure Web Hosting

Keep in mind one thing, nothing can make your efforts to secure Joomla effective if your website is hosted on an outdated hosting infrastructure. That said, you should choose durable and protected hosting platform to store your site data for seamless operations. No doubt, SiteGround the robust host out there offering outstanding services at cheap rates.

However, you can also consider checking Digital Ocean cloud platform to avail virtual cloud server at reasonable pricing tag. Though they are developer friendly and require a bit technical skills to maintain your server. If you’re one of those who prefer to have cloud based host, then check out following DigitalOcean competitors to get reliable cloud server with easy to use dashboard and friendly customer support.

JOOMLA SECURITY EXTENSIONS

This is the best and accurate way to improve the security of your Joomla websites.Install best Joomla security extension to prevent your website from hackers.J Hack Guard is a popular Joomla security extension developed by Site ground.

  1. jHackGuard
  2. Akeeba Admin Tools
  3. jSecure

BACKUP WEBSITE

Backup your Joomla website files and database frequently, if something happens upload this data to get back your website.

If you don’t know, how to backup Joomla website, contact your web hosting provider.Or simply install and configure best Joomla backup extension “Akeeba backup” to back up files and date directly from Admin panel.

About the author

Syed Moin Ali

Hello My Name is Syed Moin Ali and I am the founder of PC Learnings Here on this blog I write about Blogging, SEO, Internet Tricks, Social Networking Site, and Make Money

Add Comment

Click here to post a comment