Five Best Joomla Security Extensions

Joomla CMS

Administration Protection

First, restrict access to your admin log-in from other users. Do this by using a password protect on the admin folder of your site. Then, make sure the admin log-in required to make any changes or access coding is password protected with something other than “admin” or “password” text. Finally, restrict access to the admin folder to only your IP address, unless your internet service provider uses a dynamic IP. You can allow more than one user IP, but restrict access to all other IP's.

Backing Up Your Site

Second, backup your Joomla website on a regular schedule, preferably using an extension that does so monthly. Backing up your Joomla site will enable you to restore it quickly and easily, should your site be hacked or something go terribly wrong during updates.

File Permissions

Third, remember to set the right file permissions for your Joomla folders on your host server. Never use full access (777), as this gives all hackers the ability to easily slip into your Joomla files. Instead, set your permissions as follows:

For Windows users: How Do File Extensions Work

For Unix or Linux users: Verifying Permissions

Joomla Extensions

Fourth, remember to keep your Joomla extensions up to date. Many hackers can easily utilise out-of-date utility extension files to access your Joomla website. This is actually slightly more important than keeping your Joomla code up to date.

Logging In

Fifth, use a strong username and password. Avoid common words and definitely do not use admin or password in your password. The most secure usernames and passwords are eight to ten characters and contain at least one upper-case, one lower-case, one number and one symbol. Avoid password generators, as these are actually easier to guess. Lastly, change your password every 30 to 60 days.

Joomla Security Extensions

Security extensions add a last bit of protection your websites needs to keep the hackers and bots at bay. Think of them like the guard dogs that are on duty even when you can't be. The following are the best user-rated Joomla security essentials suites you can add to your site:

Akeeba Admin Tools – Free
Akeeba will remind you when it needs updates, fix files and extensions, alert you to other Joomla file updates, protect your admin folder, change your database prefix, set up an added admin log-in check, migrate links, point dead links to new ones, perform general maintenance, and more. Akeeba is free to download and use, but support requires a subscription.

JomDefender – Paid
JomDefender protects your Joomla site from hackers and data thieves, and allows you to control the security and codes of your website more easily.

jSecure – Paid
jSecure gives you protection from hackers and adds extra security for admins. As an added bonus, it also allows you to blacklist IP addresses, fix resource errors, restrict user abilities, edit meta tags, purge data, and much more.

OSE Security Suite – Paid
OSE Security Suite is an open source software and PHP-based. It gives you added protection, security, and control over other Joomla security extensions. As a plus, it acts as an anti-virus in addition to being an anti-hacker.

RSFirewall – Paid
RSFirewall is an all-in-one security suite essential that acts as an anti-virus, anti-hacker, and full script firewall. It comes with a very long list of security perks and self-scans your Joomla code for all attempts at your site.

Website security prevents costly repairs of your website after automated or hacker attacks. Whether you choose paid or free services, your data security is essential. Remember to add admin protection, back up your site regularly, limit file permissions, update extensions whenever possible, use a strong username and password for all user accounts, and always use a Joomla security extensions program to further protect your website.

Our Portfolio