Who’s snooping around your website?

August-Hacking

What makes a website a target of attack?  Is your website a potential target?  Do you know if your website is being targeted?

Continue reading
  750 Hits
750 Hits

Joomla 3.10 enters the Security Support Phase

May-J3.10

Joomla 3 has been around for a long time. It is easy to forget how successful the series has become and how much it has evolved over the course of the minor versions.

As it approaches its final year as a mature, stable version of Joomla, it is about to enter its security support phase.

Continue reading
  31253 Hits
31253 Hits

Joomla’s New HTTP Headers Plugin For J4

HTTPHeaders

Following on from last month's article about security, passwords, and Joomla’s WebAuthn plugin this month, we’re going to look at another Joomla security feature that launched with J4. That is the HTTP Headers plugin which is now included as part of Joomla’s core functions.

Continue reading
  31859 Hits
31859 Hits

A Dive into the WebAuthn API in Joomla 4

WebAuthn-Passwordless-Login

Have you noticed there’s a new Web Authentication button on the new Joomla 4 login screens?

It's there because of Joomla’s new WebAuthn API that allows secure logins with a FIDO certified key. So, let's take a dive into passwords, security, and WebAuthn, and find out how to activate it on your user account in Joomla 4.

Continue reading
  30924 Hits
30924 Hits

A Security Overview of Joomla’s Checking and Validation of File Uploads

September-Security

Content Management Systems are what you choose when you are not willing to build and to administrate a whole new front and backend for a website and if your content creators are not familiar with developing source code. While running your Joomla CMS there could come new demands in the matter of functionality or design from you or your users. The fast and easy way is to install a plugin that will do the magic. But that may lead to new vulnerabilities in your system. In particular, file uploads are a possible attack vector. In this article, we will talk about vulnerabilities through files and plugins.

Continue reading
  2226 Hits
Tags:
2226 Hits

Best Practices to Secure your Joomla Website

Secure your Joomla Website

Joomla Content Management System (CMS) is widespread on the internet due to its ease of use and popularity since it is the second-largest CMS downloaded over 110 million times. But, even though popular, Joomla and all other websites, apps, eCommerce sites, or other CMSs contain security risks. You cannot escape them but fortunately taking the right precautions from the start can ensure your site is protected.

Continue reading
  3294 Hits
3294 Hits

Protecting your resources from web attacks using a new Feature called FetchMetadata

November-FetchMetadata

In June 2020 Google published an article called “Protect your resources from web attacks with Fetch Metadata” on web.dev. It's a new set of request headers to protect your site against common attack vectors for web applications.

Continue reading
  3332 Hits
3332 Hits

Passwordless authentication for secure, fast and easy logins in Joomla! 4

December-WebAuthn A Joomla 4 security feature

Joomla! 4 introduces a plethora of new and exciting features. While most of them are very visible, giving you new ways to build and use your sites more easily, there's an abundance of features designed to enhance the security of your site. Today we'll be talking about WebAuthn, a feature that has the unique distinction of belonging in both categories: it makes your site login more secure and easier at the same time.

Continue reading
  25502 Hits
25502 Hits

Joomla 4: Using the Security Header Features

june-csp

How secure is your Joomla site? Joomla 4’s new features to manage security headers from within your site make protecting your site even easier.

Continue reading
  6566 Hits
6566 Hits