Joomla Security:

Sometimes you need to block a certain IP address, a group of addresses or certain hosts from accessing your Joomla website. Reasons may include: It's a hacking attempt coming from that IP Someone ...

Every hacker in this world knows, that by default all Joomla database tables have the "jos_" prefix. Is that well known, than even automated defacing scripts are using this, and there are a lot of "tools" ...

In various blog posts, security bulletins, etc. you can read, that you need get rid of the default "admin" user with Super Administrator privileges (and with the default UserID of 62 or 42 - depending ...

This is a key security issue, but unfortunately many of the Joomla site-owners need guidance on this. First, let's see what you should know: Joomla is a typical LAMP (Linux/Apache/MySQL/PHP) application, ...

Beginning with Joomla 1.6 it's possible to lock anyone out of the back end of the website — including Super Users with Admin permissions — by setting the Site Admin permission to Deny. And this is something ...

Pissed off, eh? Me too! After you put together your site (small or big, hobbyist site or a large corporate one) and installed all the security gizmos available out there you began to receive all kind of ...

Now you have one more extra reason to use Google's very useful Webmaster Tools. Recently Google added to his arsenal of Joomla related enhancements a useful one: In the Google Webmaster Tools you will ...

You may think that updating your Joomla site to the latest version is not something worth doing every time a new version is released. The site works just fine, and you are not interested in the eventual ...

It's always a wise move to move your sensitive files outside of the so called WEBROOT, the directory which is used by Apache to show your website. This way you can be sure, that nobody else, but your ...

In a previous tip where I described how you can made a Joomla site more secure by relocating the admin login page I presumed that anyone reading it is a code guru. But what if not? More and more webmasters ...

Most of attacks on the web - and Joomla sites aren't an exception - are made fully or in first phase at least by automated robots. These are using known entrance points as administrator logins to most ...

Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. His pair, Local File Inclusion ...

Many of you probably had seen already the red warning in Joomla's admin interface, that you need to have the Register Globals set to "on", otherwise your site is exposed to security treats. And also ...

Joomla specifies certain settings that are recommended for proper functioning of the system. A list of the recommended and actual settings is displayed when you install Joomla. One of the recommended ...

By default, across all Joomla versions from Joomla 1.0, through Joomla 1.5, Joomla 1.6 to the Joomla 1.7 the basic structure of default user groups is unchanged. The users are generally sorted in 3 main ...