SECURITY ALERT: Website Defacement on Joomla

Knowledgebase

(29)WHM (58)cPanel (35)Plesk (33)CentOS Linux Server (5)Windows Server (8)Cloud (18)Billing (3)MS Exchange (3)Forex (21)VPS (Virtual Private Server) (194)MANUALS / GUIDES (26)Applications (43)CMS (Content Management System ) (106)Control Panel (33)Database (59)Dedicated Servers (35)Domain Name (19)Domain Name Server (DNS) (6)Downloads / Tools (6)Email Blasting (International) (139)Email Hosting (4)FAQ for ex-SmarterTeam customers (3)Google Apps (5)Network (5)Reseller Tips (2)FAQ for IPxCess (172)Security (119)Shared Hosting (21)SSL (2)Video Guide (2)VPN (Virtual Private Network) (9)Webserver (18)Business Email Hosting (Dynamail) (17)Wordpress Web Hosting (5)Linux Web Hosting (cPanel) Windows Web Hosting (Plesk) Strongbolt Email Hosting Website Builder Hosting (1)Migrations (16)Microsoft 365/O365

Knowledgebase: MANUALS / GUIDES

Posted by on 02 May 2012 12:24 PM

ATTENTION: All Joomla website owners/administrators

Our Security team received a number of alerts about website defacement on Joomla websites.

Therefore, we would like to propose you some precautions to take in order to prevent website defacement:

1) Update your Joomla components from time to time.
2) Do not install older Joomla themes/components/addons on newer a Joomla version. Although the Joomla system is allow to do so we do not recommend such installations (e.g you have Joomla 2.5 but install a Joomla component for version 2.3).
3) Remove or Delete any unused Joomla components or add-ons.
4) Change the Joomla default administrator username with another username. Default username: "admin".
5) Change your Joomla administrator password on periodic basis. Recommended: once every month.
6) Make sure all the File permissions are correct. File's Permission: 644 while Folder's permission: 755. As for "Configuration.php" file, change permission to 444.
7) Back up your Joomla on periodic basis. Recommended: at least once every month.

If you experience any issues, feel free to get back to us.
Thank you.