Joomla is a very popular content management system widely used by over 200million websites around the world as at April 2015. It has become the next most installed script on the Todhost web hosting platform after WordPress. Today, we will show you some of the quick checks and fixes that will keep your Joomla website running safe on the web.

1. Change the default admin username

By default, Joomla admin username is "admin" and the admin url is yourdomain/administrator. It is important to change these two parameters to forestall primary attacks on your Joomla website. Advanced attackers would still have a way of detecting your administrator login url but this is a strongly recommended measure towards securing your website.

2. Keep Your Joomla Installation Updated.

This is as important as maintaining your web hosting account. If you have un-updated plugins, components, modules and other extensions, then you are surely at risk of an exploitation. Your web host will possibly suspend or place some restrictions on your account if it ceates issues for other users and these issues will likely arise from poor maintenance. Keep your installation clean and safe by updating the extensions.

3. Be Mindful of Extensions you Install

Please take note that not all extensions are safe for install. We have come accross lots of Joomla extensions with issues ranging from compatibility with design frameworks to issues with Joomla versions. Some extensions and poorly developed and create issues which sometimes can breakdown your Joomla installation. You will need to verify the integrity of every plugin, module, component and any extension you wish to use before you go head wth installation. A good way to do this is to probe user experiences. Avoid extensions that you are required to write a favourable review before you can install them.

4. Follow Strong Password Rules

A strong password should have at least 1 special character (|#*\), at least 1 numerical character(1256778), combine lower and upper caes characters(SDecHYnniO) and be at least 12 digits. We recommend you use the cPanel password generator and safe a copy somewhere. Nevertheless, if you forget your password, you can always rest it. Better to change and rest often than be vulnerable. These combination will help protect you from brute force attacks. You will need to keep this rule as a password attack could be very devastating.

5. Disable Error Reporting in Global Configuration.

For Joomla 3.4.1, this is found under Global Configuration > Server > Error Reporting. Just set it to "none" This will ensure that errors do not display on your Joomla frontend.

6. Enable Captcha - ReCaptcha

To do this, you need to check two settings. Go to Global Configuration, under the site settings, enable Captcha - ReCaptcha. Then go to plugin manager and click Captcha - Recaptcha - Enter the required settings and make sure it is set to "enabled". You will need to get a site and secret key for your domain from http://www.google.com/recaptcha.

7. Enable Cache on Your Website

Caching speeds up your website. We have emphasized the need for caching in several other articles in our knowledgebase. In Joomla, to enable your cache settings, go to Global configuration > System > Cache Settings and choose a preferred setting. For small and moderately sized websites, i recommend the you choose "Conservative Caching". You can choose the progressive caching for large websites.

Next, go to plugin manager and locate "System - Page Cache". Make sure it is enabled.

8. Install a HackGuard Plugin

We have found the Siteground JHackGuard to be very helpful and effective here. So, make sure you have it installed and enabled under plusin manager.

9. Maintain a Healthy Backup

10. Install a Cleaner for Your Database
Repairing your database can be done using the phpMyAdmin tool of your control panel. However, there is an Akeba component called "Admin Tools" for Joomla which does all of that and more, Install it like every normal Joomla component and use it to optimize your database, clean the temporary directory and more.

Keep in mind that anything can happen and so a healthy backup would be the sure way to recover. To avoid overloading your server space, maintain not more that two recent backups. We suggest you download the backup to your local computer.

These are our recommended steps to ensure your Joomla website is safe. Let's haveyour comments on any additions you know could help keep Joomla safe for users.

Read more blog posts: https://www.todhost.com/blog/