It is very common nurtured false belief that “to summon a website, simply install Joomla! and ready ” .
While Joomla has been engineered to provide facilities to a wide range of users, including those with little or no programming knowledge level websites, this does not mean at all that maintain safety on our sites is governed by the same advantage .
Then, if it may be true that “to summon a web” with Joomla! enough to know you’ve actually set it up and “put together a website,” but one thing is the ease of use, flexibility and extensibility that provides Joomla! and quite another to maintain the security of our sites within acceptable levels.
Review each question that are presented below:
- What version of Joomla are you using?
- What third-party extensions you have installed?
- What version of Apache / MySQL / PHP are you using?
- What type of server hosting you have hired?
- What security measures are currently implemented?
- What version of Joomla are you using?
An acceptable level of security is to use the latest stable versions of each of the applications that make up our website and the Joomla is no exception.
While Joomla CMS is a pretty sure of itself, which takes care to avoid unwanted intrusions through your code, or that when it detects a vulnerability to high or low, is quick to repair it as soon as possible.
What third-party extensions you have installed?
If Joomla is responsible for ensuring your code to avoid unwanted intrusions by the same both for what is the core of the application to the extensions that come natively with the installation of CMS. There are lots of extensions programmed by third parties (the CMS installed later) that are not under the control of quality or safety of the Joomla!, but of the respective authors of each of those extensions.
While the purpose of upgrading to the latest stable versions of the extensions we are working with, we face the same criteria applied in the previous paragraph and for the same reason, it should be emphasized that, contrary to what might happen with CMS currently extensions under a security aspect, may have been poorly programmed by their respective authors, or lack of support or updates in this regard.
It is difficult for the eye of someone who is not skilled programmers to distinguish between the variety of tastes and colors with which we get the extensions (seen from a look of “secure programming”).
When an extension programmed by third places on record, in a manner similar to that used by the authors of Joomla, They are implementing security policies designed to thwart intrusion attempts known by its code, or , updated as soon as possible if new security flaws detected, we would, again, in conditions or acceptable level of safety.
In the opposite case, we would be with that third-party extension in particular, unfavorable security conditions, and therefore in a very low level of security is acceptable.
While it provided “vulnerable extensions list” does not mean that “the other extensions that do not appear in that list are safe, viewed from the code and about the chances of malicious intrusions known through it.”
Take these lists as a means commonly used to stay informed and continue to report, among all, on extensions that allow malicious intrusions through your code and get more and more complete lists (perhaps an extension that appears on this list only vulnerable to an earlier point in their development and later to the version mentioned in that list, solved the security problem on their part).
The extensions use only reputable and stable, supporting and updating the security issue, you will greatly limit the extensibility of your project, but will keep within an acceptable level of safety.
Latest posts by ESDS (see all)
- How Cloud Computing Is Changing The Labor Market - March 25, 2015
- Adopting Infrastructure as a Service Can be a Good Deal - March 17, 2015
- Will Virtualize? Take These Six Points Into Consideration - March 12, 2015