How To Avoid The Pharma Hack

Like all things in security - there are no guarantees. If you want to be entirely sure your website never gets hacked then build your website, take it offline, put it on a computer in your bedroom that is never connected to the internet, and never turn that computer on. That will be very secure - but will totally defeat the purpose of having a website, namely to have a publicly accessible presence.

There are more reasonable steps that you can take though:

  • To minimise the chances of a successful hack
  • To speed up recovery if you do succumb at some point

The most important thing you can do, and we can't stress this enough, is to keep your website up-to-date. Not the articles and the images, but the underlying Content Management System that helps you build your website and that provides all the nice interactive elements. That's the part that gets exploited.  You *must* keep the Content management System that powers your site up-to-date, whether that is Joomla, Wordpress, Drupal or any other system.

Likewise, and in many respects more critical, are the myriad third party add-ons within your site.  A CMS like Joomla or Drupal is tested by many knowledgeable people before it is released. The add-ons you or your developer installed to give you a nice calendar, an image gallery, a forum or whatever else are somewhat less tested, are typically built by hobbyist programmers and contain more bugs. WYSIWYG editors and file upload functionality offer another vector through which many sites are compromised.  You must monitor the extensions your site relies on and keep them up to date. If you can't do this then pay someone who can.


© Copyright 2002-2016
Dean Marshall Consultancy Ltd - all rights reserved
Registered in England and Wales, Company number 6615299
A team of professional developers specialising in custom Joomla development

Dean Marshall Consultancy - a Member of W3C Sites XHTML valid website valid CSS website design WAI conformant website design

The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. This site is not affiliated with, or endorsed by, Open Source Matters or the Joomla! Project.