Jul

What Version Of Apache / MySQL / PHP Are You Using?

As far as we are handling Apache, MySQL, and PHP, they fall into the category of “Application of repute” to support and upgrade security at their latest stable versions, but all of them and at some point in time their respective projects, may have experienced more vulnerable periods from high or low.

If you are using versions of some of these applications, which undoubtedly will comply from a particular version number, with the minimum requirements to run Joomla, But with known vulnerabilities, not correct and / or without official support , we are looking at some acceptable level of safety. Therefore, it is also recommended to move within an acceptable level of security, using or being updated to latest stable versions.

What security measures are currently implemented?

Do you use strong passwords?

strong password means that more than eight digits, consisting of letters, numbers and signs allowed, without any sense.
Change passwords periodically and do not use the same passwords for levels which are having different access, is highly recommended as well.

Do you have a complete backup of your site?

Having a data backup of your database and files and folders on your dedicated hosting at least once in a week will help in case of intrusion at least not to lose all your work and others have contributed to your site.
If you use hard drives replica, or work with replicas of the DB, you can minimize the loss of sensitive information.
Provide support for traditional backup and replication support for help to overcome most problems, and the absence of any of them can lead to irreversible situations in regard to information retrieval.

Extra Protection From?

On the extra protection, only commenting that deals with limiting the damage, but not acting directly on the root of the problem .. that in most cases, the root of the problem, software will be vulnerable or improper seating.
Examples of extra protection, the rules are anti-or anti-exploit SQL injections, which, when detecting any “malicious pattern” within a URL access, block it.
And so, normally, most of applications such as Apache can be good, have some type of utility, type mod_security, mod_rewrite which, if configured properly, frustrate many of the unwanted intrusion attempts with little yield false positive.
Then, against security holes in code, the extra protection, which is more breading solution, you can save on many occasions.
The availability of this type of protection for what are the applications that make up our environment, and it never hurts to review all the access log or error within our reach.