Websites which use Joomla are almost 2.8% of the world’s total number of websites. If you think the number is less in terms of percentage then I must let you know that there are 35 millions of websites that use Joomla. As a Joomla developer one can’t provide support every single day to every single website. Joomla is an efficient CMS and it has done some outstanding growth in rapid succession. However, a major trouble faced by Joomla Website owners is that from hackers. Hackers are present everywhere they are omnipresent.
Those days while internet was being developed almost one to two decades back, hackers can be clearly recognized as they were technically strong nerdy men who had ample knowledge on software and of course malware too. But this is not the case now. Nowadays, the hackers are generally of any age, any sex. All they need is a PC, Internet and ample knowledge to sites that give information about hacking. There are numerous sites that may seduce or tempt a normal person to turn into a hacker.
Therefore there is no use in blaming the CMS or the hackers. Instead the Joomla Website administrators should themselves beware of those hackers and take some precautions and steps that will be useful in securing Joomla websites from hackers.
1. Alter the Default DataBase Prefix
The default database prefix would be jos_ only. Majorly the hackers write code to retrieve data jos_users table only. Barely by using this information the hackers can get the username and password of all users. Changing this default prefix for your laptop will prevent unwanted and harmful SQL injections.
2. Use Search Engine Friendly (SEF) Component
Most of the hackers use Google’s inurl: command only. Therefore using a SEF component to rewrite your URL not only prevents you from being hacked but also gives your page an additional ranking in the search engine page ranking for using Search Engine Friendly URLs.
3. Use the Appropriate CHMOD for Every Folder and File
Don’t always use 777 or 707 for all the folders and files. These are the default CHMOD to be used for every file.
PHP Files: 644
Config Files: 666
If you are unsure about this CHMOD do visit the Admin Tools you will find all the essential information over there. There are lists of CHMOD that are specific for specific files. These are available in the Admin Tools which must be downloaded and installed. Admin Tools are not only useful for CHMOD but also for other varied purposes.
4. Updating the Website
Having a trustworthy CMS like Joomla doesn’t mean you can just create your website and leave it off. As a website owner you must constantly update your Joomla. To do so you must first download the Admin Tool and install it which will let you notified about all the updates that are needed for your Joomla powered websites. There are few options to upgrade using Fantastico but this is not as trustworthy as the Admin Tool which is authentic.
5. Passwords – The Conventional Security
Having a password protection is the most conventional way of security. Setting up password for protecting the administrator folder will always be an additional advantage. Already you would have set a password for Joomla applications however this should be unique username and password exclusively for your website.
Once after doing this there will be a need to login twice; once for Joomla and once for the websites. However an important constraint here is to choose unique passwords for both Joomla and Website. Each should have it own unique, complex to crack, strong yet simple, and secret password.
These are the 5 major tips to secure your Joomla website from hackers however if you insist on more security you may also go in for jSecure Authentication plug-in. After downloading this plug-in you can add your customized suffix to your URL. If your suffix is not entered then ‘404’ error i.e. page not found will be published. However the major part of security lies in changing the suffix regularly.
“Prevention is better than cure” is a true fact always. Therefore as soon as you get your website powered by Joomla you need to follow the aforementioned steps which will definitely benefit you and prevent your Joomla website from being hacked.