This presentation covers the most common attacks against Joomla! sites and how to protect against them. The basics of securing a Joomla! site are covered in detail.
15. #2: DO THE BASICS
✓ Change The Default “admin” username
✓ Change The Default “jos_” DB Prefix
✓ Password Protect Your Administrator Folder
16. #3: RESTRICT THE ADMIN AREA BY IP
✓ Step 1: Check Your IP: whatismyip.com
✓ Add This Rule To Your .htaccess File
deny from all
allow from YOUR_IP_ADDRESS
17. #4: KEEP PHP SCRIPTS IN THE RIGHT FOLDERS
<Files *.php>
deny from all
</Files>
18. #5: USE BULLET-PROOF PASSWORDS
✓ Avoid password generators
✓ Don’t use common words
✓ Avoid personal info, names and significant dates:
daniel123
19. THE PERFECT PASSWORD
✓ Choose A Favourite (Not Famous) Movie Quote/Phrase From A Book:
We all go a little mad sometimes
✓ Add Punctuation Symbols (?!.,:) And Capital Letters, Remove Whitespaces:
We.all?go!AlittleMad2sometimes
20. #6: CHECK YOUR EXTENSIONS
✓ Joomla! Vulnerable Extensions List (VEL):
http://vel.joomla.org/
✓ National Vulnerability Database:
http://web.nvd.nist.gov/view/vuln/search
21. #7: STAY ON TOP OF SECURITY UPDATES
✓ http://feeds.joomla.org/JoomlaSecurityNews
✓ http://feeds.joomla.org/JoomlaSecurityVulnerableExtensions
22. BUILD A JOOMLA! SECURITY RSS FEED
HOW TO DO IT: http://is.gd/Vze1Zo
23. #8: FIX YOUR PERMISSIONS AND OWNERSHIP
✓ Folders: 0755
✓ Files: 0644
✓ All files/folders should be owned by your main FTP user
✓ NEVER EVER USE 777 permissions
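As an added example (not part of the slides), a small POSIX shell audit for the permission rules on slide #8: it lists every folder that is not 0755 and every file that is not 0644, counts world-writable (777-style) entries, and applies the recommended modes. The site root it scans is a constructed temporary tree standing in for a Joomla! installation; the function names are this example's own.

```shell
#!/bin/sh
# Audit a Joomla! document root against slide #8 (folders 0755, files 0644,
# never world-writable). Needs only POSIX sh, find, ls, chmod and mktemp.

# list_bad_perms DIR: print "ls -ld" lines for folders not 0755 and files not 0644.
list_bad_perms() {
    find "$1" -type d ! -perm 755 -exec ls -ld {} +
    find "$1" -type f ! -perm 644 -exec ls -ld {} +
}

# count_bad_perms DIR: number of folders not 0755 plus files not 0644.
count_bad_perms() {
    { find "$1" -type d ! -perm 755; find "$1" -type f ! -perm 644; } | wc -l | tr -d ' '
}

# count_world_writable DIR: number of entries with the "other write" bit set,
# i.e. the 777 / 666 case the slide warns about (-perm -002 is POSIX syntax).
count_world_writable() {
    find "$1" -perm -002 | wc -l | tr -d ' '
}

# fix_perms DIR: apply the slide's recommended modes to the whole tree.
fix_perms() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# make_sample_tree: constructed stand-in for a Joomla! root with two deliberate
# mistakes (a 777 folder and a 666 file) so the audit has something to report.
# Prints the path of the tree it created.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/images" "$root/tmp"
    : > "$root/index.php"; : > "$root/configuration.php"; : > "$root/images/logo.png"
    chmod 755 "$root" "$root/images"
    chmod 777 "$root/tmp"                                  # world-writable folder
    chmod 644 "$root/index.php" "$root/images/logo.png"
    chmod 666 "$root/configuration.php"                    # world-writable file
    printf '%s\n' "$root"
}

# Stand-alone demo: audit the constructed tree, fix it, audit again.
demo_root=$(make_sample_tree)
echo "Offending paths before fix:"; list_bad_perms "$demo_root"
fix_perms "$demo_root"
echo "Offenders after fix: $(count_bad_perms "$demo_root")"
rm -rf "$demo_root"
```

On a real site, run `list_bad_perms /path/to/joomla` first and review the output before `fix_perms`, because some hosts deliberately keep configuration.php more restrictive than 0644.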
24. #9: ADDITIONAL PROTECTION THROUGH .htaccess FILE
✓ Remove PHP Sensitive Information
✓ Avoid Visual FingerPrinting
✓ Block Some Popular Tools Used By Hackers
How To Do It: http://is.gd/pGfVXQ
25. #10: USE JOOMLA! SECURITY EXTENSIONS FOR IDS/IPS
✓ jHackGuard
✓ Akeeba Admin Tools
✓ jomDefender
✓ jSecure
26. SQL INJECTION
SELECT * FROM users WHERE name = 'a';DROP TABLE users; SELECT * FROM userinfo WHERE 't' = 't';
31. DISASTER RECOVERY PLAN
1. Create A Copy Of The Hacked Site + All Logs
2. Restore From A Clean Backup
3. Quarantine Your Site - Maintenance Mode
4. Check The Logs For The Malicious Code
5. Resolve The Security Issues/Clean Malicious Code
6. Unquarantine Your Site
32. FEW THINGS TO TAKE AWAY
✓ Security Is About Making It Harder To Infiltrate - Not Making It Impossible
✓ Security Is An Ongoing Process
✓ Everyone Is Involved