Here we've listed the ten most likely ways your Joomla website will get hacked. How many of them could catch you out? Here are numbers ten to six:
#10 Cheap Joomla Hosting
Why would you go for the cheapest hosting provider you can find?
Cheap or low cost hosting providers use shared servers that can host up to 1,000 websites. Shared hosting by itself is not bad, but if you pay the minimum amount for your hosting you know it will not be configured for optimal speed or security.
Cheap hosting is sold as a lead generator
When something goes wrong - and it will - the hosting company will do everything to up-sell you to a more expensive package that they claim is more secure - and it isn't - for optimum security, smaller hosting providers like ourselves offer the best Joomla hosting packages.
#9 Joomla And Server Login Details Taken From Infected Computers
Malware, Spyware and other computer infections once accounted for the vast majority of website hacks, peoples awareness of viruses and better quality antivirus has reduce this form of hacking, however it does still happen and I've seen an incident of this in the last two months(May 2012).
Run regular full system checks against all machines that are used to access your website, be careful / vigilant when browsing the Internet and opening emails. Don't risk your businesses reputation, keep your computers clean and free from infections with the added benefit of helping to keep your website clean.
If you are concerned about your website's security or believe you might have already fallen foul to hackers, do not hesitate to get in touch.
#8 No Security Measures For A Joomla Website
Database prefix, super admin id, upload limits, hot linking, blocking terms in URLs, block all SQL injections, etc, etc.
Some of these are basic, some are complicated and should be done by a Joomla professional. From my point of view if your are a serious business and you've not implemented these and other Joomla security measures, you are begging to be hacked and made a fool of. Your website is your online shop window, defacement, spam emails in your name, outbound links to porn sites, user information taken and used, etc. I'm not scaremongering I see it a few times every month, and funnily enough it's never ourselves.
Keeping on top of your website will save you money should something go wrong, a recent large hacking incident set someone back over £2,600 for the de-hack and a further £480 to seal other weaknesses. They needed to retrieve their user's information no matter what, and keep an online presence throughout. With some expert Joomla security measures none of this would have happened, a £350 Joomla security audit would have shown all the potential issues and pointed out how to fix and seal the cracks. A further £360 would have paid for us, true Joomla experts to do the necessary work, this would have stop the hack and also fix other weaknesses that the site audit highlighted.
#7 Old Unused Joomla Extensions In Your Site
This is obvious, if you are no longer using old extensions or you've installed something and never used it, delete it. This can only cause you trouble and offer nothing positive in return.
#6 Badly Coded Third Party Joomla Extensions
I've seen some that access the database with a URL query, this means someone could type a piece of code into a URL bar on a browser and access your database. These badly coded add-ons get reported to the Joomla Extensions Directory (JED) and removed, unfortunately people will have already downloaded then and started using them.
There are websites that list extensions with known issues, if you are serious about your website's security and that of your users, you should check on all, of your third party extensions.
The next page lists the five most common Joomla security issues.