Community Magazine

In this series, we explore methods and tools to test a custom Joomla extension. In this fifth and final episode we’ll check if your extension is secure.

Every day, we send and receive emails, and often, these contain important information that we want delivered securely and for the intended recipient's eyes only. When important things end up in the spam folder, it is a pain… but this is an inconvenience that you can address with a degree of success.Since we are bombarded with fake emails, spam and spoofs trying to trick and do us harm, fighting spam is necessary. If you send emails, there’s a number of tools you can (or should) use to not be classified as spam and show you’re legit: SPF, DKIM and DMARC. 

In cyberspace where dangers creep,
Your secrets kept are not that deep,
Beware the hackers, lurking near,
They'll steal your data, and cause you fear.

August 17, 2023 marks an historic date for the Joomla project: after more than 10 years, the project’s support for the 3.x version comes to an end. However there are still plenty of 3.x sites in the wild, some of them unable to migrate to 4.x in the remaining time frame. Do these sites need to be switched off in a couple of weeks?

Following on from last month's article about security, passwords, and Joomla’s WebAuthn plugin this month, we’re going to look at another Joomla security feature that launched with J4. That is the HTTP Headers plugin which is now included as part of Joomla’s core functions.

At a quarter past midnight, just when I went to bed, I decided to check my email. I was away in the Ardennes (Malmedy, Belgium) with a few work friends.

With 4.2, we now have a new way to authenticate our sites. Two-factor Authentication has grown outdated with many new authentication methods arriving, so along comes Multi-factor Authentication (MFA).

What makes a website a target of attack?  Is your website a potential target?  Do you know if your website is being targeted?

Have you noticed there’s a new Web Authentication button on the new Joomla 4 login screens?

It's there because of Joomla’s new WebAuthn API that allows secure logins with a FIDO certified key. So, let's take a dive into passwords, security, and WebAuthn, and find out how to activate it on your user account in Joomla 4.

Joomla 3 has been around for a long time. It is easy to forget how successful the series has become and how much it has evolved over the course of the minor versions.

As it approaches its final year as a mature, stable version of Joomla, it is about to enter its security support phase.