Difference between revisions of "Security"

Latest revision as of 14:08, 5 June 2015

Other languages:

Deutsch • ‎English • ‎Nederlands • ‎eesti • ‎español • ‎français • ‎italiano • ‎português • ‎русский • ‎中文（台灣）‎

Joomla! Security

This page contains relevant links for securing your Joomla! Website. As a Joomla! site owner or administrator you should remember:

There's no one right way! Due to the variety and complexity of modern web servers, security issues can't be resolved with simple, one-size-fits-all solutions. You, or someone you trust, must learn enough about your web server infrastructure to make valid security decisions.
There's no substitute for experience! To secure your web site, you must gain real experience , or get experienced help from others.
It's not as hard as it looks: The following checklist below may seem intimidating, but you don't have to deal with all of it at once. As you become more familiar with GNU/Linux, Apache, MySQL, PHP, HTTP, and Joomla, you'll add refinements to your combination of security tactics.

...Security is a moving target, so today's expert might be tomorrow's victim...

Security Guide

Joomla Security Forums

Joomla 3.x Security Forum

Joomla Security Feeds

@@ Line 1: / Line 1: @@
-== Recommended Reading ==
+<noinclude><languages /></noinclude>
-* [[Security and Performance FAQs]]
+{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=5x|text-color=#333|title=<translate><!--T:7-->
+Joomla! Security</translate>}}
+{{:Security/Intro/<translate><!--T:8-->
+en</translate>}}
+<div class="large-6 column">
+{{section portal heading|icon=unlock-alt|title=<translate><!--T:9-->
+Security Guide</translate>}}{{:Security/Guide/<translate><!--T:10-->
+en</translate>}}
+</div>
+<div class="large-6 column">
+{{section portal heading|icon=book|title=<translate><!--T:11-->
+Recommended Reading</translate>}}{{:Security/Reading list/<translate><!--T:12-->
+en</translate>}}
+</div>
+{{-}}
+<div class="large-12 column">{{section portal heading|icon=support|title=<translate><!--T:13-->
+More Articles Relevant to Security</translate>}}{{:Security/Tutorials/<translate><!--T:15-->
+en</translate>}}
+</div>
-# [[Security Checklist 1 - Getting Started]]
+__NOTOC__ __NOEDITSECTION__
-# [[Security Checklist 2 - Hosting and Server Setup]]
+<noinclude>
-# [[Security Checklist 3 - Testing and Development]]
+<translate>
-# [[Security Checklist 4 - Joomla Setup]]
+<!--T:2-->
-# [[Security Checklist 5 - Site Administration]]
+[[Category:Security]]
-# [[Security Checklist 6 - Site Recovery]]
+</translate>
-# [[Security Checklist 7 | Security Checklist 7 - You have been Hacked]]
+</noinclude>
-== More Information ==
-<html><a href="/Archived_vel" title="Archived vel">Archived vel</a></html>
-<html><a href="/Backup" title="Backup">Backup</a></html>
-<html><a href="/Cleared_vulnerable_extensions" title="Cleared vulnerable extensions">Cleared vulnerable extensions</a></html>
-<html><a href="/Help!_Your_site%27s_been_compromised._Now_what%3F" title="Help! Your site's been compromised. Now what?">Help! Your site's been compromised. Now what?</a></html>
-<html><a href="/How_can_you_check_your_Joomla!_installation%27s_overall_security_and_health%3F" title="How can you check your Joomla! installation's overall security and health?">How can you check your Joomla! installation's overall security and health?</a></html>
-<html><a href="/How_do_you_block_direct_hot_linking_to_image_files_using_.htaccess%3F" title="How do you block direct hot linking to image files using .htaccess?">How do you block direct hot linking to image files using .htaccess?</a></html>
-<html><a href="/How_do_you_block_directory_scans_using_.htaccess%3F" title="How do you block directory scans using .htaccess?">How do you block directory scans using .htaccess?</a></html>
-<html><a href="/How_do_you_convert_an_htaccess.txt_file_into_a_.htaccess_file%3F" title="How do you convert an htaccess.txt file into a .htaccess file?">How do you convert an htaccess.txt file into a .htaccess file?</a></html>
-<html><a href="/How_do_you_find_exploits_using_the_*NIX_shell%3F" title="How do you find exploits using the *NIX shell?">How do you find exploits using the *NIX shell?</a></html>
-<html><a href="/How_do_you_password_protect_directories_using_.htaccess%3F" title="How do you password protect directories using .htaccess?">How do you password protect directories using .htaccess?</a></html>
-<html><a href="/How_do_you_recursively_adjust_file_and_directory_permissions%3F" title="How do you recursively adjust file and directory permissions?">How do you recursively adjust file and directory permissions?</a></html>
-<html><a href="/How_do_you_restrict_directory_access_by_IP_address_using_.htaccess%3F" title="How do you restrict directory access by IP address using .htaccess?">How do you restrict directory access by IP address using .htaccess?</a></html>
-<html><a href="/How_do_you_setup_a_powerful_password_scheme%3F" title="How do you setup a powerful password scheme?">How do you setup a powerful password scheme?</a></html>
-<html><a href="/How_to_add_CSRF_anti-spoofing_to_forms" title="How to add CSRF anti-spoofing to forms">How to add CSRF anti-spoofing to forms</a></html>
-<html><a href="/Htaccess_examples_(security)" title="Htaccess examples (security)">Htaccess examples (security)</a></html>
-<html><a href="/Joomla_Administrators_Security_Checklist" title="Joomla Administrators Security Checklist">Joomla Administrators Security Checklist</a></html>
-<html><a href="/Moving_sensitive_files_outside_the_web_root" title="Moving sensitive files outside the web root">Moving sensitive files outside the web root</a></html>
-<html><a href="/Security_Checklist_7" title="Security Checklist 7">Security Checklist 7</a></html>
-<html><a href="/Category:Security_FAQ" title="Category:Security FAQ">Category:Security FAQ</a></html>
-<html><a href="/Template:Security_Guide" title="Template:Security Guide">Template:Security Guide</a></html>
-<html><a href="/Security_and_Performance_FAQs" title="Security and Performance FAQs">Security and Performance FAQs</a></html>
-<html><a href="/Top_10_Stupidest_Administrator_Tricks" title="Top 10 Stupidest Administrator Tricks">Top 10 Stupidest Administrator Tricks</a></html>
-<html><a href="/Vulnerable_Extensions_List" title="Vulnerable Extensions List">Vulnerable Extensions List</a></html>
-<html><a href="/Vulnerable_Extensions_List_(Archived)" title="Vulnerable Extensions List (Archived)">Vulnerable Extensions List (Archived)</a></html>
-<html><a href="/What_are_the_top_10_stupidest_Joomla!_security_tricks%3F" title="What are the top 10 stupidest Joomla! security tricks?">What are the top 10 stupidest Joomla! security tricks?</a></html>
-<html><a href="/What_are_these_strange_(URL-Encoded)_characters_doing_in_your_code%3F" title="What are these strange (URL-Encoded) characters doing in your code?">What are these strange (URL-Encoded) characters doing in your code?</a></html>
-== REMEMBER ==
-#'''There's no one right way!''' Due to the variety and complexity of modern web servers, security issues can't be resolved with simple, one-size-fits-all solutions. You, or someone you trust, must learn enough about your web server infrastructure to make valid security decisions.
-#'''There's no substitute for experience!''' To secure your web site, you must gain real experience , or get experienced help from others.
-#'''It's not as hard as it looks:''' The following checklist may seem intimidating, but you don't have to deal with all of it at once. As you become more familiar with GNU/Linux, Apache, MySQL, PHP, HTTP, and Joomla, you'll add refinements to your combination of security tactics. Security is a moving target, so today's expert might be tomorrow's victim. Good luck!...
-Please read [[Joomla%21 Administrators Security Checklist]] for more information.
-See all documents in the [[:category:Security|Security Category]].

Difference between revisions of "Security"

From Joomla! Documentation

Latest revision as of 14:08, 5 June 2015

Security Guide

Recommended Reading

More Articles Relevant to Security