How to protect you Joomla installation

5 September 2016 / Published in:  from Ivan Messina
No comments

Joomla is without any doubt one of the most famous Open Source CMS, unfortunately it is also known to have some security flaws.

Punti importanti

  1. Always keep joomla (and its component and templates) updated at the last version
  2. Use a different username than admin
  3. edit regularly your administrator password
  4. only install extensions that are maintained and from certified sources
  5. when you install joomla edit the database prefix, you have already installed it you can use this comonent:

Protect Joomla

Here isa list of actions you should perform to protect your joomla installation.

1) Elimiante all components and themes you don't use

2) Use a SEF Urls component to avoid telling hackers which components you're using with an url like:

3) Add the following code to the .htaccess file to avoid common vulnerabilities:

########## Begin - Rewrite rules to block out some common exploits


# Block out any script trying to set a mosConfig value through the URL

RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]

# Block out any script trying to base64_encode to send via URL

RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]

# Block out any script that includes a < script> tag in URL

RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]

# Block out any script trying to set a PHP GLOBALS variable via URL

RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]

# Block out any script trying to modify a _REQUEST variable via URL

RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2}) [OR]

# Block out any script that tries to set CONFIG_EXT (com_extcal2 issue)

RewriteCond %{QUERY_STRING} CONFIG_EXT([|%20|%5B).*= [NC,OR]

# Block out any script that tries to set sbp or sb_authorname via URL (simpleboard)

RewriteCond %{QUERY_STRING} sbp(=|%20|%3D) [OR]

RewriteCond %{QUERY_STRING} sb_authorname(=|%20|%3D)

# Send all blocked request to homepage with 403 Forbidden error!

RewriteRule ^(.*)$ index.php [F,L]


########## End - Rewrite rules to block out some common exploits

4) Protect the “tmp” folder. Add a cron to empty the folder regularly with the following command:

nice -n 15 /bin/find /home/YOUR-CONTROL-PANEL-USER/public_html/tmp/ -type f -mtime +1 -exec rm -rf {} \;

You should also disable webaccess to the tmp folder adding an .htaccess file inside it with the following code:

deny from all

5) Install a security extension, they have more options, pick that one that is more indicated for your kind of website:

6) We noticed that most of the attacks are to the administrator folder. Protect that folder for improved security

Official documents on security

For more info you can check:

Leave a Reply

Your email address will not be published. Required fields are marked *