Keeping Joomla Secure
One of your most important tasks as a website or online business owner is ensuring that your website and data is a secure as possible, regardless of the platform or web application that you are using. In the current day in age, technology and web based applications are particularly prone to security issues which makes security a prime concern.
Fortunately most web hosts, cloud web hosts and dedicated server providers also have this focus and spend a considerable amount of time and effort in making sure that their servers and hardware are perfectly secure. This also includes utilizing many server side based security applications that assist in ensuring any websites hosted on them , such as your own, are as secure as they can be as a default. Unfortunately though, there is still always more than can be done from your own side to better secure your website or application.
Securing Joomla
Joomla is a powerful content management system and, by default, it does have a solid set of security features that aim to make it a safe application for any website or use. However, just like any other web based application, there are a range of additional steps that you can take in order to turn it into a hypothetical security stronghold.
Administrator Password:
The first, and one of the most important security steps, is ensuring that the administrators password for the Joomla installation is strong and difficult to guess. One of the biggest causes of breached web applications is due to administrators using a weak and easy to guess password or using a password that they also used on many other websites.
Your password should be difficult for you to remember, contain a selection of both uppercase and lowercase letters along with a mix of numbers and alternate characters. It should not be a dictionary word.
A good example of a secure password may be: hTl.c49Aa0Jk
Limit Login Page Access To Your Own IP:
A good way of preventing anyone, except for yourself, from even attempting to login to your administration dashboard is to limit access of that page to your own IP address only. In order to do this, you’ll need to contact your web host and request this be done and provide them the IP address of your home computer/network. They will set an access rule that will prevent the page from being accessed unless the request is coming from your IP address. Although this is effective, it will prevent you from logging in from any location aside from your own IP which may be difficult if you are travelling or need access on the go.
Update Regularly:
The Joomla developers are constantly working on improving the software with regular updated versions being made available. Should a security threat or bug be found they are normally patched within these versions, which makes it important to always ensure that you are running the most up to date version. If you installed Joomla via an automatic installer on a cPanel web hosting service, such as Softaculous, you’ll receive an email each time a new version is released. Alternatively, all new releases are listed on the Joomla homepage located here http://www.joomla.org/
Keep It Safe
In most cases, you should be fairly safe from any security issues, particularly if you practice the above 3 steps. Although you may hear many stories of websites being compromised, most of the time you’ll find that it was due to an error from the webmasters side, such as using an easy to guess dictionary word password. As long as you keep Joomla up to date and use strong and unique password you should have no issues regarding security.