RSFirewall! and website protection

Share this post

Submit to DiggSubmit to FacebookSubmit to Google PlusSubmit to TwitterSubmit to LinkedIn

In the past 90 days JenTekk has received requests from various companies and organizations to clean up their hacked websites.

Today alone JenTekk has been the target of over half a dozen suspicious visitors and/or session injection attempts - and lived to tell about it. Below are the most recent 5 as reported by RSFirewall! - a commercial Joomla! firewall extension.

RSFirewall! - Joomla website firewall extension

With online hacking and cyber security threats on the rise, this is no surprise, and the reason why I always advise my clients to invest in website firewall protection over and above the security best-practices steps we can take to thwart website hackers. No website is unhackable, but not taking these foregoing safety precautions in today's cyber environment is simply asking for trouble.

An ounce of prevention is worth a pound of cure. Installing a firewall extension can save you a considerable amount of time, money and aggravation in the long run, and RSFirewall! at only 49€ is worth every euro.

Posted in Website Security

Hacker's Calling Card

Share this post

Submit to DiggSubmit to FacebookSubmit to Google PlusSubmit to TwitterSubmit to LinkedIn

A local organization contacted me this week in a panic. Their Joomla CMS website had been hacked... AND the hackers left their calling card.

Hacker's Calling Card

Joomla Security Tips

Below are some tips to help you secure your Joomla CMS site. This isn't an exhaustive list, but taking these steps will certainly make it more difficult for hackers to break-in and infect your site.

  • host your website with a reputable hosting company
  • make sure your host is using the latest version of PHP
  • keep your Joomla core and extensions up-to-date
  • make sure all your extensions are:
  • delete unused templates
  • disable the Joomla generator tag
  • move your Joomla tmp folder outside of the root folder
  • set your permissions properly: 644 for files and 755 folders
  • your configuration.php file should be unwrittable - permission: 444
  • set PHP register_globals OFF
  • enable open_basedir
  • disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open
  • block typical exploit attempts with local Apache .htaccess files
  • make sure all passwords are at least 12 mixed alphanumeric characters and contain no common word phrases
  • do not use standard Admin user
  • disable anonymous FTP
  • password protect your Joomla Administrator directory
  • install a Joomla CMS firewall extension

Back-up, Back-up, Back-up,

Remember no website is 100% hack-proof so make sure you back-up your site after each update so that if it is hacked, you're able to roll back to the latest clean version.

For more information check out the Joomla Security Checklist documentation.

Posted in Website Security

CONNECT

(604) 510-2781

CALL TO BOOK YOUR FREE CONSULTATION
We'll meet for coffee or chat on the phone. You share your thoughts, we listen carefully, ask a few questions and offer some ideas - it's that easy.

Copyright © 2001 - 2016 JenTekk Web Solutions. All Rights Reserved.
Professional website design company based in Langley BC, serving Greater Vancouver and Fraser Valley area.
Proudly powered by Joomla CMS - free Software released under the GNU/GPL License.

JenTekk is not affiliated with or endorsed by the Joomla Project or Open Source Matters.
The Joomla logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.