3 quick tasks to improve your Joomla security with Admin Tools
Monday, 03 August 2015 / Blog
Most Joomla experts use Admin Tools as one of the core add-ons for each and every one of their websites.
Produced by one of the most influential and skilled Joomla developers on the planet, Admin Tools provides a suite of tools that help keep your website safe and running smoothly.
Some of the utilities in Admin Tools are more complex than others, but the following three can be used quickly and regularly to make sure your Joomla security status remains high.
1. Password protect the Administrator folder
Free and Pro versions (use occassionally)
Many hacking and intrusion attempts in Joomla are directed at the Administrator/ folder.
Password protecting this folder is a great way to discourage all but the most determined attempts to access your Joomla website.
Admin Tools makes this easy. Simply click the Password-protect Administrator
button on the Admin Tools Dashboard and enter the desired username and password.
We recommend changing this password regularly and following any schedule set forth in the security policy for your website, company or organization.
2. Fix file permissions
Free and Pro versions (use regularly)
Just like the articles and categories you create in Joomla, the files and folders on your webserver have permissions and access rules.
Joomla security relies in part on ensuring that these permissions are set appropriately to allow the public to use your website but not to be able to modify it.
Fortunately, using Admin Tools means you don’t need a system administrator to safely maintain the permissions for the files in your template folder and all the other files on your website.
A single click on the Fix Permissions button is enough to repair any issues.
We recommend using this feature regularly, especially after installing new extensions and performing site maintenance.
Fixing permissions is also a good first step when troubleshooting bugs on your website as it rules out permissions as a source of the problem.
3. Create a strong HTACCESS file
Pro version only (use occasionally)
An .htaccess file is a directory-level configuration file placed in the root of your website that allows you to customize some aspects of your server configuration.
Joomla ships with a default .htaccess file which users can enable when — for example — enabling search engine friendly URLs.
However, adding the appropriate directives to an .htaccess file can significantly improve the security of your Joomla website (and indeed amlost every website).
The only problem with .htaccess files is that they can be tricky to configure.
Admin Tools Professional simplifies the process of configuring and generating .htaccess files. The end result is a website that performs better and is protected from a great many threats including common file injection attacks, clickjacking, and access by malicious user agents, to name but a few.
Hardening your server via the .htaccess file should be done updated regularly as security best practices are always evolving.
The .htaccess maker is routinely updated so it’s a good idea to review your settings on a regular basis and apply any changes to your .htaccess file as appropriate.
Take Joomla security seriously with Admin Tools
Admin Tools is a must-have add-on for any web development professional and indeed any hobbyist who takes Joomla security seriously.
With a very robust free version, and an affordable professional version — just €40 per year for use on an unlimited number of websites — there is little reason to maintain a Joomla website without Admin Tools.