Actions

Difference between revisions of "Security Checklist/Site Recovery"

From Joomla! Documentation

< Security Checklist
(Site Recovery)
Line 3: Line 3:
 
== Site Recovery ==
 
== Site Recovery ==
  
<ol>
+
=== Know what steps to follow to recover your site ===
<li>Know the important steps to follow when your site has been compromised '''([[Security_and_Performance_FAQs#Help.21_My_site.27s_been_compromised._Now_what.3F|FAQ]])'''</li>
+
<li>Know the important steps to follow when your site has been compromised. Once you've been compromised, there are few shortcuts. '''([[Security_and_Performance_FAQs#Help.21_My_site.27s_been_compromised._Now_what.3F|FAQ]])'''
  
<li>Know how to reset your administrator password. '''([[Security_and_Performance_FAQs#How_do_I_reset_an_administrator_password.3F|FAQ]])'''
+
===Reset your administrator password===
<li>Always have complete backups.</li>
+
See the '''([[Security_and_Performance_FAQs#How_do_I_reset_an_administrator_password.3F|FAQ]])'''
<li>Know how to find exploit attempts using the *NIX shell.'''([[Security_and_Performance_FAQs#How_do_I_find_exploits_using_the_.2ANIX_shell.3F|FAQ]])'''</li>
+
 
<li>Have a tested plan for how you will recover when your site's been compromised.</li>
+
===Find exploit attempts using the *NIX shell===
</ol>
+
 
 +
([[Security_and_Performance_FAQs#How_do_I_find_exploits_using_the_.2ANIX_shell.3F|FAQ]])'''
 +
 
 +
===Have a backup and recovery plan in place. Test it regularly. ===
 +
 
 +
=== Get help the right way ===
 +
:If you believe your Web site was attacked, '''do not''' post in the Joomla! forums. If there is a vulnerability, publishing that information could put other Web sites at risk. Instead, report possible security vulnerabilities to the [http://developer.joomla.org/security/contact-the-team.html Joomla! Security Task Force].
  
 
== Your Turn... ==
 
== Your Turn... ==

Revision as of 00:41, 29 October 2008

Contents

Site Recovery

Know what steps to follow to recover your site

  • Know the important steps to follow when your site has been compromised. Once you've been compromised, there are few shortcuts. (FAQ)

Reset your administrator password

See the (FAQ)

Find exploit attempts using the *NIX shell

(FAQ)

Have a backup and recovery plan in place. Test it regularly.

Get help the right way

If you believe your Web site was attacked, do not post in the Joomla! forums. If there is a vulnerability, publishing that information could put other Web sites at risk. Instead, report possible security vulnerabilities to the Joomla! Security Task Force.

Your Turn...

  1. If you discover a bug in Joomla! core files, report it here.