Presentation is loading. Please wait.

Presentation is loading. Please wait.

Joomla! Security Ruth Cheesley. Hello, I’m Ruth Cheesley from Virya Technologies Find my social media stuff

Published byCathleen Watts Modified over 9 years ago

Similar presentations

Presentation on theme: "Joomla! Security Ruth Cheesley. Hello, I’m Ruth Cheesley from Virya Technologies Find my social media stuff"— Presentation transcript:

1 Joomla! Security Ruth Cheesley

2 Hello, I’m Ruth Cheesley from Virya Technologies Find my social media stuff here! @RCheesley

3 What do we mean by security?

4 Why bother?

5 Where to start? Joomla! Security Local server security Global server security

6 Security is … Putting measures in place to make unauthorised access more difficult NOT making it impossible

7 … a balancing act Security versus usability Risk versus implications

8 A quick look at server security Use a reputable company with Joomla! experience Ensure they have recommended security settings applied Ask others if you’re not sure!

9 Is Joomla! insecure? It depends! Often insecurities are due to poor practice by administrators including: –Patches not being applied –Insecure extensions –Basic precautions not taken

10 If you do nothing else … Keep Joomla! and extensions up to date

11 Updating Joomla! Manually One-click (1.6.x +) Akeeba Admin Tools

12 If you do nothing else … Enable Search Engine Friendly (SEF) URL’s

13 Enable SEF URL’s Enable in global configuration With or without.htaccess Using extensions

14 If you do nothing else … Establish a regular backup routine

15 Establish a backup routine On-site backups Off-site backups Full or partial Akeeba backup

16 Other ‘must do’ security tasks Hide your admin portal (jSecure, Admin Tools) Change your database prefix (manually or using Admin Tools) Change your default Super Admin ID (from #62 in 1.5 or #42 in 1.6/7)

17 Hide admin portal Why bother? jSecure Akeeba Admin Tools

18 Change database prefix Why bother? Manually Akeeba Admin Tools

19 Change default admin ID Why bother? Manually Akeeba Admin Tools

20 Would be good to do … Web application firewall

21 Web Application Firewall Why bother? Akeeba Admin Tools

22 Top Ten Tips 1.Keep Joomla! up to date 2.Keep extensions up to date 3.Hide admin portal 4.Change database prefix 5.Ensure correct file and folder permissions 6.Disable default Super Administrator 7.Enable SEF URL’s 8.Establish and regularly test backup routine 9.Ensure strong username/password for admins 10.Do not give out Admin rights freely

23 Useful links http://www.viryatechnologies.com http://www.akeebabackup.com http://www.joomlaserviceprovider.com http://tinyurl.com/joomlasecuritychecklist http://www.ico.gov.uk/

24 Thank you Any questions? Ruth Cheesley Virya Technologies ruth.cheesley@viryatechnologies.com @RCheesley

Download ppt "Joomla! Security Ruth Cheesley. Hello, I’m Ruth Cheesley from Virya Technologies Find my social media stuff"

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
Copyright © 2006 Quest Software Quest SharePoint Management.

Copyright © 2006 Quest Software Quest SharePoint Management.
Remember the good old times ?

Remember the good old times ?
Module 12 Upgrading from Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010.

Module 12 Upgrading from Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.

Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Martin Y. Leveille Sharepoint Engineer RJB Technical Consulting, Inc. Installation and Configuration Methodology.

Martin Y. Leveille Sharepoint Engineer RJB Technical Consulting, Inc. Installation and Configuration Methodology.
Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Administering Your.

Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Administering Your.
Installing PhpGedView A collaborative online genealogy tool.

Installing PhpGedView A collaborative online genealogy tool.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Esri UC 2014 | Demo Theater | Using ArcGIS for Server in the Microsoft Azure Cloud Nikhil Shampur.

Esri UC 2014 | Demo Theater | Using ArcGIS for Server in the Microsoft Azure Cloud Nikhil Shampur.
© 2009 IBM Corporation 1 ClearQuest Synchronizer and ClearQuest Bridge Tech Enablement for CLM 4.0 Lorelei Ngooi & Yuhong Yin June 2012.

© 2009 IBM Corporation 1 ClearQuest Synchronizer and ClearQuest Bridge Tech Enablement for CLM 4.0 Lorelei Ngooi & Yuhong Yin June 2012.
Danielle Baldwin, ITS Web Services CMS Administrator Application Overview and Joomla 1.5 RC 1 Highlights.

Danielle Baldwin, ITS Web Services CMS Administrator Application Overview and Joomla 1.5 RC 1 Highlights.
Cyber Patriot Training

Cyber Patriot Training
Protecting Your Computer & Your Information

Protecting Your Computer & Your Information
8/1/2015. Please Ask Questions! 2 Hacks In The News Office of Personnel Management (OPN) Flash vulnerabilities Sony Heartbleed iCloud Leaked Pictures.

8/1/2015. Please Ask Questions! 2 Hacks In The News Office of Personnel Management (OPN) Flash vulnerabilities Sony Heartbleed iCloud Leaked Pictures.
Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.

Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.
Securing Microsoft® Exchange Server 2010

Securing Microsoft® Exchange Server 2010
1-19-2012www.ursamajorconsulting.com1 Avoid Getting Hacked Joomla! Web Security Northern Virginia Joomla Users Group January 2012 Dorothy Firsching, Ursa.

www.ursamajorconsulting.com1 Avoid Getting Hacked Joomla! Web Security Northern Virginia Joomla Users Group January 2012 Dorothy Firsching, Ursa.

Similar presentations

Ads by Google