Security
All articles of this category belong to the security part of a Joomla site. The articles are targeted to beginners as well as to advanced site administrators who want to get additional knowledge. To server our audience, we have provided tags to our manuals to indicate the expertise level.
- Details
After installing a Joomla site with the default setup, a lot of sites want their users to be able to register. However, there are a couple of caveats when activiting user registration using the default Joomla settings.
- Details
As more and more threats from the internet try to hack your website, I collected a lot of useful Joomla hardening information around the web and brought them together in this article
- Details
- Written by Edoozeh
Showing your visitors you care about their security is always a good idea. This small article will explain how you can configure this setting in the Joomla Global Configuration in 1 step.
- Details
- Written by Edoozeh
Although you may think it's not that easy to find out what CMS or technology your site is running on, if it's not really hardened with specific trics, it's quite straightforward to find out what CMS your site is running. So make sure you follow up the possible problems you can get and take your responsibility to update vulnerable components
- Details
- Written by Edoozeh
It's fairly easy to find out what's the engine (CMS) behind your website by default, but with only a couple of extra lines of code you can make it impossible for unskilled script kiddies to find out what's under the hood.
- Details
There are lots of monitoring sites available to check if your site is running the correct way. If you use these monitoring sites on a regular basis, a change in answer times or performance evaluation can show you immediately that something is going wrong. A few of the tools I personally use are
- Details
Only a limited number of well chosen extensions can make your life as a Joomla webmaster much easier
- Details
Joomla is well equiped to configure it as a very safe en secure environment. Although it's quite safe out of the box, you better make a couple of configuration adaptations to make it even harder for would be intruders
- Details
If your website runs on Apache (as is the case for almost 60% of all sites worldwide known, we have found a couple of interesting configuration adaptations which can help you harden the Apache part. Other servers can have equal configurations, but we will limit ourselves to Apache only.
- Details
One of the non-core Two Factor Authentication possibilities in Joomla is implemented using the Clef 2FA. In this article, we will explain what extension to use, how to install and what extra steps you have to take to make it visible and usable all over your Joomla site.
- Details
In Joomla, we have a couple of 2FA implementations we can choose from. Some of them are part of the Joomla core, others are written as extensions.
- Details
- Written by Edoozeh
Two Factor Authentication or 2FA is a very good extra security layer for your site, but what if things go wrong and you cannot enter your site anymore as an administrator?
- Details
In all installations where software is involved, things can go wrong or don't work as expected. 2FA is no exception to this rule but we provide a solution for all of the cases where we have found out how to solve it.
- Details
After you have activated at least one of the 2Fa plugins, your login screen has changed.
- Details
Before being able to use 2FA, every user will have to set it up for him or her self. Depending on the access one has to the site, (s)he can configure the 2Fa feature using the back end or the front end. This article explains how to enable it using the back end of the site, both for Yubikey and Google Authenticator.
- Details
Before being able to use 2FA, every user will have to set it up for him or her self. Depending on the access one has to the site, (s)he can configure the 2Fa feature using the back end or the front end. This article explains how to enable it using the back end of the site, both for Yubikey and Google Authenticator.
- Details
How do you make it possible for your website users to start using the 2FA possibilities? Simple: just enable the plugins so the users can start configuring their logins. But what plugins have to be enabled and how do you do that?
- Details
If you want to use your Google Authenticator code generator, you have to configure it with the data provided by the application or site you want to approach using the Two Factor Authentication. In this article, we will describe the setup for both Windows and Android devices using the code generators as described in our article about this topic. As this site is focused on Joomla, we will describe the setup of the applications linked to the Joomla 2FA.
- Details
To use Two Factor Authentication using Google Authenticator, you will have to install a code generator to generate your secret key. In this article, we elaborated 2 key generators (each on their own platform) which can be used for Joomla Two Factor Authentication - Google Authenticator.
- Details
There are couple of different solutions to protect your website from being hacked, and a lot of free and commercial extensions are available. However, before we dive into the details of all these possibilities, we need to know the very basics of a system to be secured with two factors (the so called Two Factor Authentication).