homepage Welcome to WebmasterWorld Guest from 54.226.230.76
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
Joomla security, server side (hosting-wise)
abrodski




msg:4510035
 12:58 am on Oct 20, 2012 (gmt 0)

My question is this:
How secure, in general, Joomla 2.5.7 is IF a Joomla admin took all the necessary measures to protect his site? After all, there's also a server where Joomla physically resides (ie. hosting). Well, my hosting is one of the best for Joomla, but still...God knows what happens behind the curtain.
To put it simple, without paying a hacker to try to break into the site, is there a way to make sure it's safe?
I'm not talking about FBI or some wunderkind hackers here (those would surely crack any site), I'm asking about an average hacker (though not just some kid who only pretends to know all about hacking).
I'm aware about cloud services like what Qualys and alike offer.
Last, but not least...I'm not asking general public about their personal opinions (they vary), but only those who knows the subject well enough.
P.S. Almost forgot...Hosting environment vs. self-hosting at home, security-wise?

 

SteveWh




msg:4510185
 3:46 pm on Oct 20, 2012 (gmt 0)

How secure, in general, Joomla 2.5.7 is IF a Joomla admin took all the necessary measures to protect his site?

Latest version of Joomla? Kept continually up to date, with all recommended protective measures? = sufficiently secure.

Install only really needed, popular, time-tested extensions/mods. Don't use mods on the VEL list. Be aware that mods can be incompetently written or written to be vulnerable/malicious on purpose and that your best defense is your own vigilance and research.

Study the very good security recommendations on the Joomla site, and its wiki, and in their forum. Use strong passwords. Lots of Joomla sites have gotten hacked, but plenty of others never have. Often when a site gets hacked, the question is hardly "what was the cause?" The owners didn't do something wrong; they did everything wrong, and the hackers had plenty of avenues to choose from. Bad passwords, outdated Joomla version, use of vulnerable extensions...

To put it simple, without paying a hacker to try to break into the site, is there a way to make sure it's safe?

Study the security info at the Joomla website.

I'm not talking about FBI or some wunderkind hackers here (those would surely crack any site), I'm asking about an average hacker (though not just some kid who only pretends to know all about hacking).

Most hacks are automated -- they throw standard hacks against common vulnerabilities at thousands of websites and successfully hack a percentage of them. The lone, dedicated, hacker targeting your site in particular and keeping at it for days isn't the common scenario.

Last, but not least...I'm not asking general public about their personal opinions (they vary), but only those who knows the subject well enough.

I have never used Joomla myself, so I'm in the general public on that measure.

P.S. Almost forgot...Hosting environment vs. self-hosting at home, security-wise?

Unless you are an expert already, use an external webhosting company. Basically, the fact that you need to ask the question is sufficient evidence that you should not host the site yourself, unless you're willing to run the security risk of doing it yourself just for the education of learning how. Otherwise, IMO, there really is no reason to host a site yourself, as web hosting is so cheap and the inconvenience (and risk) of doing it yourself is so great.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved