is joomla secure if i: use su_php to run php in cgi mode lock down all component folders other than com_content and images (only necessary folders) do not allow 3rd party plugins do not allow frontend login keep admin login behind a htaccess password change default usetname admin to xxxxxx.admin change default db prefix from jos_ to xxx__ obsviously to secure mysql and linux to a good standard Is there anything im missing? Cheers Ke

Reputation: 2586

is joomla secure if i do the following:

is joomla secure if i:

use su_php to run php in cgi mode
lock down all component folders other than com_content and images (only necessary folders)
do not allow 3rd party plugins
do not allow frontend login
keep admin login behind a htaccess password
change default usetname admin to xxxxxx.admin
change default db prefix from jos_ to xxx__

obsviously to secure mysql and linux to a good standard

Is there anything im missing?

Cheers

Upvotes: 0

Reputation: 88072

The ONLY way for YOU to know for sure will be to conduct a thorough code analysis.

Next, search google for "joomla sql injection" and decide for yourself if it's worth it. (Here's one hit: http://www.packtpub.com/article/preventing-sql-injection-attacks-on-joomla-websites )

Upvotes: 1

Reputation: 4179

change default usetname admin to xxxxxx.admin change default db prefix from jos_ to xxx__ do not allow 3rd party plugins do not allow frontend login

The above 4 are obviously possible and secure with Joomla, others I am not sure.

Upvotes: 0