CIO - As Joomla grows in popularity as an open source CMS more and more individuals and businesses of all sizes rely on the platform to get their products and services online. In fact, more than 2.5 percent of websites are running on a Joomla CMS -- and for good reason.
Joomla is free and there are more 8,600 extensions that allows it to do almost anything you want a CMS to do. Add to that a robust developer community and you've got a compelling product. Being so popular it's no surprise that malicious hackers continue to find new and innovative ways to gain access to your data. With that in mind, here are ways you can prevent these attacks and strengthen the walls of your CMS.
There are all kinds of hacks and attacks that the bad guys can use to infiltrate or bring down your site. These range from remote file inclusion to cross site scripting to the ever-popular SQL injection. Making your site more secure and resilient is a full-time job. For the most part a properly configured instance of Joomla on a properly configured server is about as secure as any other off-the-shelf solution. So why is it that Joomla gets the rap that it's among the most vulnerable open source CMS projects? To answer that question you need only to look in the mirror.
An infrastructure is only as secure as its weakest link and as it turns out a vast majority of security issues related to Joomla are not caused by Joomla's core code. Most security issues stem from old unpatched versions of Joomla or insecure, out-of-date and poorly written third-party extensions.
As the admin you have the daunting task of ensuring your CMS is properly patched, updated and secure. To help you achieve this goal, we've compiled this list of things you can do to improve your Joomla security.
1. Servers and Hosting
No decision is going to be more critical than hosting and servers. Many a server errors can be attributed to unpatched servers, open ports or weak shared hosting. On shared hosting your site could be set up properly and still be hacked through another site on the shared server. If your current host has problems with basic server configurations than you should most likely look for a new host. So step 1 make sure you are using a well-known secure host and that you stay current with your server patches.
Host your site on a server that runs PHP 5.2 or better in CGI mode with Su_PHP. Su_PHP is to PHP scripts what Su_Exec is to Perl files; basically it allows the execution of scripts under your specific user account as opposed to default Apache account. This allows you to more easily identify and track security breaches.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Unlocking the Promise of Demand Sensing and Shaping through Big Data Analytics Many organizations have limited insight into big data. These limitations have significant opportunity costs and can have a negative effect on identifying and...
- Intelligent Imaging for Improved Banking Performance and Profitability A new generation of "Intelligent Imaging" solutions has emerged that is helping banks remove the burden of paper in legacy processes, like loan...
- The Total Economic Impact Of IBM Datacap Taskmaster In April 2012, IBM commissioned Forrester Consulting to examine the total economic impact (TEI) and potential ROI that enterprises might realize by deploying...
- Winning the Paper Wars - capture the content and mobilize the process troops In this report, AIIM looks at the reasons for this poor progress, measure the adoption of digital mailrooms, chart the progress of mobile...
- Next Generation SAM Managing software assets and licenses is a time-consuming job that can drain IT resources. When this is not done properly, a company might...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel All Content/Document Management White Papers | Webcasts