Joomla! Web Security

Secure your Joomla! website from common security threats with this easy-to-use guide.

Today, personal computer systems and servers are being compromised at an alarming rate. Servers such as yours that are hacked into are often used by organized criminals around the world to sell "time". They sell time on desktops and servers by the minute, hour, purpose, speed available, and other attributes. That time is sold to send out spam (unsolicited bulk email), to serve as denial-of-service attack points, or for any other unintended purpose.

Joomla!, a very popular Content Management System (CMS), is, as you may know, easy to deploy and use. This ease of use has lent itself to rapid growth of both the CMS and the extensions for it. You can install it on almost any host running Linux or Windows. This highly versatile software has found itself in such lofty places as large corporate web portals, and in humble places such as the simple blog.

All of these share a common thread. They exist on the Web, which is one of the most lawless places on the planet. Every day the "bad guys" are outpacing the good guys, and for a good reason. An ordinary user who wants a powerful yet easy-to-set-up website might choose Joomla!. He or she is not a specialist in security, either good security or bad security. He or she is merely a target to be taken down. While Joomla! itself is inherently safe, misconfigurations of the CMS, vulnerable components, poorly configured hosts, and weak passwords can all contribute to the downfall of your site.

You will need to ensure that your copy of Joomla! is original and not compromised. Once you install it, you will need to check a few key settings. And lastly, we'll establish the permission settings of various files and folders. The intent of this chapter is to get you prepared to have a good, solid setup before you go live. So let's take a detailed look at the following:

  • Common Terminology
  • Hosting - Selection and Unique Needs
  • Architecting for a successful Joomla! Install
  • Downloading Joomla!
  • Important Settings
  • Permissions
  • Common Trip-ups
  • Setting-up Metrics to Measure Security

Common Terminology

For clarity, the following are a few terms that you may or may not be familiar with:

  • Hacker: A person who learns about technology to enable him/her to write better code, build better machines, or to employ it in his/her profession or hobby.
  • Cracker: This is a person who learns about technology for the sole purpose of criminal or borderline criminal activity. A cracker is never viewed as one of the good guys, unless it's by the other crackers. When a system is attacked, a cracker's intent is to steal, "own", destroy, or spy.
  • Owned: This refers to the state of a machine after a cracker has successfully penetrated your defences and has placed code to listen, steal, spy, or destroy your box.
  • Exploit: This is a vulnerability in software that can be used for breaking security or attacking an Internet host over the network. The Ping O' Death is a famous exploit.

More grammatically, an exploit is a program that takes advantage of such a vulnerability.
