Video tutorial on increasing Joomla security

Joomla site builder is one of the oldest scripts under PHP; this content management system is completely designed based on the Internet; by using this content management system or CMS and implementing it on your host, you can easily upload files, Display your texts, and images in an organized way, one of the popularity of Joomla that has made it so popular is that with a few clicks you can install the script and then without having any technical knowledge of web programming. Design and implement your site on the Internet. Most website designers and internet users also prefer Joomla to design their websites because, in addition to being free, it has a beautiful graphical user interface that can be easily developed and upgraded. Joomla security is an incredibly powerful site builder software that allows you to create many graphic pages with a few clicks through its user-friendly management panel. Another reason for the popularity of Joomla is that this software is completely open source under the Internet and the software developer has provided you with the software codes in full, and in the same way you can make all kinds of necessary edits and changes. To customize this system, do it in its codes. This site builder is designed in such a way that it is possible to organize infinite information in different sections and collections through its completely Persian management panel.

How important is increasing Joomla’s security?

Some people believe that it is enough to just buy a Joomla hosting and run their site on it. But the important point is after launching the Joomla site! The newly launched site definitely lacks security features, and for this reason, it is necessary to think about the security of our Joomla before anything else. Hackers can easily infiltrate sites that are weak in terms of security and make your site unavailable. Now, what if you have important information? In this case, it is enough that you have not followed the most important issue, i.e. backup, and you will lose your important information. In the world of the internet and virtual space, many hackers are trying to get the information of small and big sites. Security issues are a must for any site and failure to comply with them can create big security holes. In order to prevent unauthorized persons from infiltrating privacy and important information, security issues are one of the basic requirements for any site that should be addressed before anything else. In this training, we have tried the strongest and the most complete methods of increasing security so that you, dear users, can use your Joomla sites with maximum security; of course, please note that it will never be possible to increase security 100%, and even the most secure sites may be hacked by Professional hackers get hacked. Therefore, you should study these fields daily and monthly so that you can implement the latest security enhancement methods on your Joomla website and prevent security holes from appearing on your site.

  1. Leave the admin username

Users usually use simple and common usernames, which can lead to site hacking. Administrator or Admin or Manager usernames and the like are repetitive, simple, and recognizable. After choosing such usernames, avoid them.

First of all, a hacker will try to manage your Joomla site with an admin username, and unfortunately, many users use the same username.

So you need to change your username first. For this purpose, follow the following steps:

  • Enter the control panel of your Joomla host (we use the cpanel host in this tutorial)
  • Log in to PHPMyAdmin and select the database for your Joomla site.

joomla-security-2

  • Database tables will be displayed for you. In this step, select the users table.

joomla-security-3

  • According to the image, the records of the table will be displayed for you. From the user login section, define the username from admin to an unrecognizable username similar to cfgJR5643HMrT56.
  • Your username has now been changed.
  1. Make your passwords strong

Simple and short passwords can be very dangerous. Always use complex passwords containing upper and lower-case letters, numbers, and special characters. For example, sSFA524%$2F85*+sd!sfGSD55^4#s$ is a very strong password that is not easily recognized. Some people use a common password for e-mail, forums, hosting, Joomla administration, etc., and this is very wrong. Date of birth, mobile number, and numbers that are easily recognizable in your life are much easier to be discovered by hackers. So be sure to use a strong and long password with a very high degree of security.

For this purpose, in the continuation of the tutorial on changing the admin user name:

  • In phpmyadmin, after changing the username, you can change your password from the login password column. As you can see, the password in this field is hashed, and for a new password, you must enter its hashed code in this field.

Therefore, you must first choose a complex password similar to sSFA524%$2F85*+sd!sfGSD55^4#s$.

  • After that, visit http://www.md5hasher.net/. This site allows you to hash your passwords.
  • Enter your password in your input field.
  • Then click on hash it to give you the hashed code. Select all the code and copy it.

joomla-security-5

  • Now you have to enter this code in phpmyadmin and replace the existing code in the password section.

joomla-security-6

After that, you have to log in to your Joomla administration again with your new and secure username and password.

  1. Don’t forget to update!

We all know that the reason for creating new versions of any software or system, in addition to adding new features, was the existence of problems in the previous version. These problems can be security holes or bugs in previous versions. By receiving new versions and updating Joomla, security holes in our Joomla content management system are identified and fixed by a security path. So, by updating your CMS, you can prevent security bugs as much as possible.

In addition to Joomla, the plugins and templates used must be updated regularly and as soon as the new version becomes available. Plugins that are not updated can also be considered a security weakness and become very dangerous security holes. So updating plugins is also very important.

To update Joomla and plugins, proceed as follows:

  • Log in to your Joomla admin.
  • As you can see, if there is an updated version, a notification will appear in Joomla management, through which you can update your Joomla. Click on the “Update Now” button.

joomla-security-7

  • Click on the “Install the update version” button.

joomla-security-8

  • To update plugins, from Joomla management, click on the plugins menu, from the opened drop-down list, select the plugin management option.

joomla-security-9

  • On the plugins management page, select the update section. The plugins that need to be updated are all visible in this section and you can update them to the latest available version.
  1. Backup smartly…

One of the basic principles in running a website is to make backups at short intervals. In this case, you will not have to worry if there is a problem with your site information. Always make a backup of your site information and especially your databases and keep it in a safe place. Be sure to make a backup before any manipulation on the site so that you can activate your site in case of a problem. For backup, you can use the backup training in cPanel .

  1. Keep the php file out of reach

The Configuration.php file is one of the most important files of a Joomla site and contains database settings, etc., and this file must be placed in a remote location.

For this purpose, proceed as follows:

  • Select the configuration.php file. Click on the Move option.

joomla-security-10

  • Select the route of the root host (in fact, you should not enter anything in the transfer path section) and click on Move File.

joomla-security-11

  • In the next step, enter the administrator/includes path to modify the links. Select the php file and click on Edit until its codes are in editing mode