Difference between revisions of "Security Checklist/Site Recovery"

From Joomla! Documentation

(20 intermediate revisions by 5 users not shown)
Line 1: Line 1:
{{RightTOC}}
+
{{:Security Checklist/TOC}}
 +
== Site Recovery ==
  
== Site Recovery ==
+
=== Get help the right way ===
 +
:If you believe your Web site was attacked, '''do not''' create yet another oh-so-boring post in the Joomla! forums with the title, ''"Help! I've been hacked."'' This tells us nothing of importance. The vast majority of compromised sites were not setup correctly or were using obsolete versions of Joomla! or third-party extensions. This is what you need to investigate.
 +
 
 +
:If you discover a real vulnerability, publishing the information could put other Web sites at risk. Instead, report possible security vulnerabilities to the [http://developer.joomla.org/security Joomla! Security Task Force].
  
=== Know what steps to follow to recover your site ===
+
=== Follow a logical and rigorous recovery process ===
:Know the important steps to follow when your site has been compromised. Once you've been compromised, there are few shortcuts. '''([[Security_and_Performance_FAQs#Help.21_My_site.27s_been_compromised._Now_what.3F|FAQ]])'''
+
:Know the important steps to follow when your site has been compromised. Once your site has been cracked, there are few shortcuts. '''([[Security_and_Performance_FAQs#Help.21_My_site.27s_been_compromised._Now_what.3F|FAQ]])'''
  
 
===Reset your administrator password===
 
===Reset your administrator password===
:'''([[Security_and_Performance_FAQs#How_do_I_reset_an_administrator_password.3F|FAQ]])'''
+
:Many attackers take pleasure in locking you out of your site. They often do this by changing your administrator password. If you are locked out, don't panic! There is a simple procedure for resetting your administrator password. '''([[How_do_you_recover_your_admin_password%3F|FAQ]])'''
  
 
===Find exploit attempts using the *NIX shell===
 
===Find exploit attempts using the *NIX shell===
:'''([[Security_and_Performance_FAQs#How_do_I_find_exploits_using_the_.2ANIX_shell.3F|FAQ]])'''
+
:Know how to check for suspicious and/or modified files. Know how to check the raw Apache logs for suspicious activity on your site. '''([[Security_and_Performance_FAQs#How_do_I_find_exploits_using_the_.2ANIX_shell.3F|FAQ]])'''
 
 
 
 
 
 
=== Get help the right way ===
 
:If you believe your Web site was attacked, '''do not''' post in the Joomla! forums. If there is a vulnerability, publishing that information could put other Web sites at risk. Instead, report possible security vulnerabilities to the [http://developer.joomla.org/security/contact-the-team.html Joomla! Security Task Force].
 
  
 
== Your Turn... ==
 
== Your Turn... ==
:If you discover a bug in Joomla! core files, [http://dev.joomla.org/content/view/1450/89/ report it here].
+
:If you discover a vulnerability in Joomla! core files, [http://developer.joomla.org/security/contact-the-team.html report it here].
 
 
== Choose A Checklist==
 
# [[Security Checklist 1 - Getting Started|Getting Started]]
 
# [[Security Checklist 2 - Hosting and Server Setup|Hosting and Server Setup]]
 
# [[Security Checklist 3 - Testing and Development|Testing and Development]]
 
# [[Security Checklist 4 - Joomla Setup|Joomla Setup]]
 
# [[Security Checklist 5 - Site Administration|Site Administration]]
 
# [[Security Checklist 6 - Site Recovery|Site Recovery]]
 
  
 
[[Category:Security Checklist]]
 
[[Category:Security Checklist]]
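
Review bot: the two reporting links in the new revision disagree. The added "Get help the right way" paragraph points to http://developer.joomla.org/security, while the new "Your Turn..." line points to http://developer.joomla.org/security/contact-the-team.html, which is also the address the older "Get help the right way" paragraph further down used. Use one address in both places so they lead to the same page. In the same added paragraph, "were not setup correctly" should read "were not set up correctly".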

Revision as of 16:28, 23 March 2013

Site Recovery

Get help the right way

If you believe your Web site was attacked, do not create yet another oh-so-boring post in the Joomla! forums with the title, "Help! I've been hacked." This tells us nothing of importance. The vast majority of compromised sites were not set up correctly or were using obsolete versions of Joomla! or third-party extensions. This is what you need to investigate.
If you discover a real vulnerability, publishing the information could put other Web sites at risk. Instead, report possible security vulnerabilities to the Joomla! Security Task Force.

Follow a logical and rigorous recovery process

Know the important steps to follow when your site has been compromised. Once your site has been cracked, there are few shortcuts. (FAQ)

Reset your administrator password

Many attackers take pleasure in locking you out of your site. They often do this by changing your administrator password. If you are locked out, don't panic! There is a simple procedure for resetting your administrator password. (FAQ)

Find exploit attempts using the *NIX shell

Know how to check for suspicious and/or modified files. Know how to check the raw Apache logs for suspicious activity on your site. (FAQ)

Your Turn...

If you discover a vulnerability in Joomla! core files, report it here.