Results 1 to 8 of 8

Thread: How secure is Joomla?

  1. #1
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts

    How secure is Joomla?

    A friend had her joomla site hacked. Still trying to figure how they got in, but wanted to see if some of you have experienced Joomla insecurity and have some advice on how to secure it.

    Thanks!
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  2. #2
    Will.Spencer's Avatar
    Will.Spencer is offline Retired
    Join Date
    Dec 2008
    Posts
    5,033
    Blog Entries
    1
    Thanks
    1,010
    Thanked 2,327 Times in 1,258 Posts
    The Joomla folks are pretty serious about security issues. Their security people make up the Joomla Security Strike Team.

    As with most any other server application, the two most important things you have to do in order to maintain security are proper configuration and prompt updates.

    For proper security configuration, she should become very familiar with the Joomla Administrators Security Checklist.

    Joomla had two known security vulnerabilities fixed at the beginning of November. Joomla 1.5.8 includes the fixes.
    Submit Your Webmaster Related Sites to the NB Directory
    I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.

  3. Thanked by:

    elishevadpw (26 December, 2008), Mike Dammann (26 December, 2008)

  4. #3
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts
    OK, I will ask Elisheva later. I bet it was not the latest version!
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  5. #4
    elishevadpw's Avatar
    elishevadpw is offline Net Builder
    Join Date
    Dec 2008
    Location
    under the equator
    Posts
    120
    Thanks
    40
    Thanked 45 Times in 17 Posts
    Quote Originally Posted by firetown View Post
    OK, I will ask Elisheva later. I bet it was not the latest version!
    Uhm... yup as embarrassing as it sounds... it was a 1.0 version (not a 1.5) and I didn't even bother to upgrade it to the newest one.

  6. #5
    Hellas's Avatar
    Hellas is offline Very Unusual Member
    Join Date
    Dec 2008
    Location
    Bosnia
    Posts
    1,051
    Thanks
    214
    Thanked 292 Times in 205 Posts
    Joomla is very secure as long as you keep updated. Old Joomla is very easy to penetrate since Joomla release all bug information and bad people can see it and exploit it. JUst check links Will gaved, and stay updated.

  7. #6
    borce's Avatar
    borce is offline Newbie Net Builder
    Join Date
    Dec 2008
    Posts
    74
    Thanks
    8
    Thanked 7 Times in 6 Posts
    1. Always check Joomla page ( Joomla! )
    2. Always see on milw0rm is there new Joomla vulnerability


  8. #7
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts
    Ouch I just checked his site and it´s almost like a hacker´s guide on which wp plugin happens to be the easiest to target right now.
    And of course it helps people to find programs and plugins to avoid, but unfortunately the average user is not that savvy.

    This video is front page http://milw0rm.com/video/watch.php?id=74
    Seems like those who want to get into Joomla can if they are capable of following simple instructions.
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  9. #8
    Mia's Avatar
    Mia
    Mia is offline Net Builder
    Join Date
    Dec 2008
    Location
    In a House
    Posts
    104
    Thanks
    31
    Thanked 59 Times in 42 Posts
    Just wanted to chime in here. So far, of any site I have seen get hacked, it is generally due to pilot error, even by myself. As previously mentioned, the Joomla guys are pretty on top of security issues. So far, I've not had any recent issues, at least not with the latest build. I have several joomla, sites fyi and have no issues outside of the one time I did something stupid.
    Jer - OWNER HostDrive.Com and HostingLizard.com

Similar Threads

  1. NameSecure can't secure your name
    By Mike-XS in forum Domaining
    Replies: 0
    Last Post: 14 March, 2010, 18:23 PM
  2. Replies: 2
    Last Post: 8 March, 2010, 12:10 PM
  3. Keeping Your Blog Secure
    By Jesse in forum Wordpress
    Replies: 8
    Last Post: 10 July, 2009, 21:44 PM
  4. How do you legally secure your own software?
    By Mike Dammann in forum Tech-Talk
    Replies: 1
    Last Post: 12 April, 2009, 10:42 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •