Difference between revisions of "Security"

Recommended Reading[edit]

1. Getting Started
2. Hosting and Server Setup
3. Testing and Development
4. Joomla Setup
5. Site Administration
6. Site Recovery
7. You have been Hacked

More Information[edit]

List of articles that belong to the category "Security"

• Backup Basics for a Joomla! Web Site
• Backup Basics for a Joomla! Web Site/bn
• Backup Basics for a Joomla! Web Site/en
• Backup Basics for a Joomla! Web Site/pt-br
• Backup Basics for a Joomla! Web Site/ru
• Help4.x:Components Joomla Update
• Delete Installation folder
• Delete Installation folder/en
• Discover The Joomla Versions On Your Server
• File:Enable HTTPS In Global Config-en.png
• Enabling HTTPS on your site
• Archived:Global configuration
• J3.x:Global configuration
• J3.x:Global configuration/en
• J3.x:Global configuration/it
• J3.x:Global configuration/pt
• J3.x:Global configuration/tr
• J3.x:Global configuration/uk
• How do UNIX file permissions work?
• How do Windows file permissions work?
• How do phpSuExec file permissions work?
• How do you block direct hot linking to image files using htaccess?
• How do you block directory scans using htaccess?
• How do you block directory scans using htaccess?/en
• How do you convert an htaccess.txt file into a .htaccess file?
• How do you convert an htaccess.txt file into a .htaccess file?/ca
• How do you convert an htaccess.txt file into a .htaccess file?/en
• How do you password protect directories using htaccess?
• How do you recursively adjust file and directory permissions?
• How do you restrict directory access by IP address using htaccess?
• How to add CSRF anti-spoofing to forms
• Htaccess examples (security)
• J4.x:Http Header Management
• J3.x:Joomla 3.8.13 Security Notes
• J3.x:Joomla 3.8.8 notes about the changed default settings
• J3.x:Joomla 3.9.3 Security Notes
• J4.x:Joomla Update Problems
• Magic quotes and security
• Secure coding guidelines
• Secure coding guidelines/en
• Securing Joomla extensions
• Security/Guide
• Security/en
• Security/ru
• Security Checklist
• Security Checklist/ar
• Security Checklist/el
• Security Checklist/en
• Security Checklist/fa
• Security Checklist/th
• Category:Security FAQ
• Security and Performance FAQs
• Security hotfixes for Joomla EOL versions
• Security hotfixes for Joomla EOL versions/en
• J3.x:Taking the website temporarily offline
• Taking the website temporarily offline
• J3.x:Taking the website temporarily offline/de
• Taking the website temporarily offline/en
• J3.x:Taking the website temporarily offline/en
• Taking the website temporarily offline/it
• J3.x:Taking the website temporarily offline/ru
• Top 10 Stupidest Administrator Tricks
• J3.x:Two Factor Authentication
• J3.x:Two Factor Authentication/de
• J3.x:Two Factor Authentication/en
• Updating PHP
• J3.x:Updating to Joomla 3.8.13 and 3.9.0 as non-superuser
• Verifying permissions
• Archived:Vulnerable Extensions List/Archive
• WebAuthn Passwordless Login
• What are these strange (URL-Encoded) characters doing in your code?

REMEMBER[edit]

1. There's no one right way! Due to the variety and complexity of modern web servers, security issues can't be resolved with simple, one-size-fits-all solutions. You, or someone you trust, must learn enough about your web server infrastructure to make valid security decisions.
2. There's no substitute for experience! To secure your web site, you must gain real experience , or get experienced help from others.
3. It's not as hard as it looks: The following checklist may seem intimidating, but you don't have to deal with all of it at once. As you become more familiar with GNU/Linux, Apache, MySQL, PHP, HTTP, and Joomla, you'll add refinements to your combination of security tactics. Security is a moving target, so today's expert might be tomorrow's victim. Good luck!...

Please read Joomla! Administrators Security Checklist for more information.

See all documents in the Security Category.