As a group, there are several things Dallas JUG members do to ensure the security of their Joomla sites. If you have ideas and best practices that are not on this list, please let us know about them!
General Best Practices
These best practices are not limited to just Joomla sites
- SSL
- Two-factor authentication
- CPanel
- PHP versions and provisioning
- HTTP/2
- Google Analytics Re
- Regular updates & backups
Security & Firewalls for your Joomla site
There are several good free and paid options for adding security to your Joomla site. Here are some of our favorites:
- Akeeba Admin Tools
- Free says it has no security features, but it does help with best practices
https://extensions.joomla.org/extension/admin-tools/ - Pro comes with firewall and security features
https://www.akeebabackup.com/products/admin-tools.html
- Free says it has no security features, but it does help with best practices
- RSFirewall (paid subscription)
https://www.rsjoomla.com/joomla-extensions/joomla-security.html - MyJoomla (paid subscription)
https://myjoomla.com/
Keep up with Joomla Security News
You can read about the latest patches on the Joomla Developers site:
https://developer.joomla.org/security-centre.html
The top section has links for subscribing to security alerts and notifications from the Joomla team.