Actions

Difference between revisions of "Security and Performance FAQs"

From Joomla! Documentation

(Where can I learn more about file permissions?: added internal links replacing external links (same content))
 
Line 513: Line 513:
  
 
.DS. = Directory Seperator
 
.DS. = Directory Seperator
 
==Moving sensitive files outside the web root==
 
{{:Moving sensitive files outside the web root}}
 
 
Moving sensitive files is now documented at: http://docs.joomla.org/Moving_sensitive_files_outside_the_web_root
 
  
 
==How do I block direct access to critical files using .htaccess?==
 
==How do I block direct access to critical files using .htaccess?==
Line 1,367: Line 1,362:
 
# '''Note suspicious recently-modified files:''' Check the modified files list for any files that were recently changed. Pay particular attention to the modification, and correlate them to the dates of attacks shown in your log files.
 
# '''Note suspicious recently-modified files:''' Check the modified files list for any files that were recently changed. Pay particular attention to the modification, and correlate them to the dates of attacks shown in your log files.
 
# '''Check for bogus CRON Jobs:''' Hacked cron jobs can be setup to reinfect your site over and over again.
 
# '''Check for bogus CRON Jobs:''' Hacked cron jobs can be setup to reinfect your site over and over again.
# '''Coordinate with your host:''' If you have identified how you were cracked, report the method to your host. If you are on a shared server, you may habe been attacked through another vulnerable site on your server. Report this to your host. A reputable host will appreciate your efforts in this area.
+
# '''Coordinate with your host:''' If you have identified how you were cracked, report the method to your host. If you are on a shared server, you may have been attacked through another vulnerable site on your server. Report this to your host. A reputable host will appreciate your efforts in this area.
 
# '''Delete the entire public_html directory:''' This is the best way to guarantee that every potential vulnerability in that site is removed.
 
# '''Delete the entire public_html directory:''' This is the best way to guarantee that every potential vulnerability in that site is removed.
 
# '''Delete related database records:''' This step may only be possible if you have good backups. Simple script kiddies, who are only trying to mark your index page, may not attack your database, but professionals are usually very interested in confidential data, such as passwords. They may pose as script kiddies to avoid suspicion while repeatedly harvesting confidential information from your database.
 
# '''Delete related database records:''' This step may only be possible if you have good backups. Simple script kiddies, who are only trying to mark your index page, may not attack your database, but professionals are usually very interested in confidential data, such as passwords. They may pose as script kiddies to avoid suspicion while repeatedly harvesting confidential information from your database.
# '''Reinstall everything:''' Use pre-crack backups. If you don't have good backups, go on to step 10.
+
# '''Reinstall everything:''' Use pre-crack backups. If you don't have good backups, reinstall everything anyways.
# '''Reset critical passwords again:''' You must reset your passwards again now that your server is finally cleaned of any possible, hidden trojan horses.
+
# '''Reset critical passwords again:''' You must reset your passwords again now that your server is finally cleaned of any possible hidden trojan horses.
 
# '''Rebuild site:''' If you are unable to rebuild from clean backups, rebuild your entire site using original, pre-crack installs. Use only the latest stable versions of all software, and check the List of Vulnerable Extensions
 
# '''Rebuild site:''' If you are unable to rebuild from clean backups, rebuild your entire site using original, pre-crack installs. Use only the latest stable versions of all software, and check the List of Vulnerable Extensions
 
# '''Review security processes:''' Follow standard security precautions for important settings in php.ini, globals.php, configuration.php, .htaccess, etc.
 
# '''Review security processes:''' Follow standard security precautions for important settings in php.ini, globals.php, configuration.php, .htaccess, etc.

Latest revision as of 14:41, 14 May 2013