SECURITY ALERT: Website Defacement on Joomla - Powered by Kayako Help Desk Software

Knowledgebase

(18)WHM (34)cPanel (29)Plesk (22)CentOS Linux Server (4)Windows Server (8)Cloud (10)Wordpress Hosting (167)MANUALS / GUIDES (24)Applications (42)CMS (Content Management System ) (97)Control Panel (33)Database (35)Dedicated Servers (20)Domain Name (14)Domain Name Server (DNS) (6)Downloads / Tools (6)Email Blasting (International) (128)Email Hosting (4)FAQ for ex-SmarterTeam customers (3)Google Apps (5)Network (5)Reseller Tips (2)FAQ for IPxCess (151)Security (103)Shared Hosting (5)SSL (2)Video Guide (2)VPN (Virtual Private Network) (9)Webserver

Knowledgebase: MANUALS / GUIDES

SECURITY ALERT: Website Defacement on Joomla

Posted by on 02 May 2012 12:24 PM

ATTENTION: All Joomla website owners/administrators

Our Security team received a number of alerts about website defacement on Joomla websites.

Therefore, we would like to propose you some precautions to take in order to prevent website defacement:

1) Update your Joomla components from time to time.
2) Do not install older Joomla themes/components/addons on newer a Joomla version. Although the Joomla system is allow to do so we do not recommend such installations (e.g you have Joomla 2.5 but install a Joomla component for version 2.3).
3) Remove or Delete any unused Joomla components or add-ons.
4) Change the Joomla default administrator username with another username. Default username: "admin".
5) Change your Joomla administrator password on periodic basis. Recommended: once every month.
6) Make sure all the File permissions are correct. File's Permission: 644 while Folder's permission: 755. As for "Configuration.php" file, change permission to 444.
7) Back up your Joomla on periodic basis. Recommended: at least once every month.

If you experience any issues, feel free to get back to us.
Thank you.