Great 3rd party security extension
Hi All,
My site has been recently hack while it had the latest updates of 1.5.23..
I have been going through a list of security extension on the joomla main site but don't know which are reliable and worth to purchase.. any recommendations?
Thanks
Tags: 3rd, extensions, hack, party, security
Views: 38
Replies to This Discussion
-
Permalink Reply by Alan Smith on -
Admin tools is the by far the best extension for security:
https://www.akeebabackup.com/software/admin-tools.html
The Pro version is not expensive and gives you just about everything you need to harden your site.
MAKE SURE YOU READ THE DOCUMENTATION.
Cheers!
Alan
-
-
Permalink Reply by Eric Lewis on -
I second this recommendation for Akeeba. I've been using this product since Nicholas developed it.
Akeebabackup is great for backing up in order to restore rapidly after a hack, and akeebackup admintools is essential in preventing a hack. NOTHING can make you totally invulnerable, but admintools goes a looonnnng way towards that.
I also second the RTFM recommendation. Some things aren't necessary to do, others you won't want to live with out, either way, you need to understand what it does and how it works.
I'd say these things:
- Make the Akeebabackup and Admin tools the first thing you install when you set up joomla, before anything else.
- Go with the Pro version. The core version works fine and you have access to the forum on the site for free support, which totally rocks by the way, but the Pro version will give you better external AND internal security, AND you get the Pro support system, which generally will result in an answer to your question with in minutes, as in maybe 15 in most cases, and the answers are succinct, and accurate, not condescending or a lot of BS.
- Spend some time learning about what can be done in your .htaccess file and how your php.ini can limit some security exposure.
- Stay on top of this list and check it anytime your installing a plug in, module or component to make sure you're not putting your site at risk, or if you are, what that risk is.
http://docs.joomla.org/Vulnerable_Extensions_List
I'm sure there's other things, but this is the core of what I do with over 50 sites I have to keep up.
Eric
-
-
Permalink Reply by Mfundo Sithole on -
Hi Guys,
Thanks a million for your responses I will look at going the pro version.
I heard that one must also change the database prefix from _jos to something random -- it is said that it prevents hackers from doing a SQL inject, doesn't this affect Joomla as a whole since extensions are develop to write using _jos.
please advise
-
-
Permalink Reply by Alan Smith on
-
The database table prefix (default = "jos_") is a convention that should be set to something else when you build a site. Issues can arise if you change the prefix in an existing build with poorly coded 3rd party extensions.
Admintools actually includes this option to alter prefixes - I have not tested it myself (I only use custom prefixes), but I suspect it would be fine to try.
I should add that if you have a question or need support as a paid customer, Nicholas provides superb, courteous and precise responses - UNLESS he thinks you have not RTFM...-Alan
Mfundo Sithole said:
Hi Guys,
Thanks a million for your responses I will look at going the pro version.
I heard that one must also change the database prefix from _jos to something random -- it is said that it prevents hackers from doing a SQL inject, doesn't this affect Joomla as a whole since extensions are develop to write using _jos.
please advise
-
© 2012 Created by Amy Stephen.
