Joomla is one of the fastest growing and best CMS in the market, and Jommla developers are taking security vulnerabilities very seriously. But still we as a site owner and developer have to pay attention on security related issues from our end and have to place some hack proof locks on our sites with the help of few best available Joomla Securit Extensions.
As in one of my post I already mentioned that there is no platform, software, plugin, component in this world that guaranties for 100% hack proof system. So the only thing we can do from our end is to place some best hack locks by keeping our sites up to date with the latest Joomla version integrated with best security plugins and components.
Here I have suggestion for 3 of the best Joomla security extensions for you –
1. Admin Tools
Admin Tools is a true Swiss Army knife for your site. Freely available Admin Tools Core will detect, notify you and painlessly install new Joomla! releases as they are made available, fix your files’ and directories’ permissions, protect your administrator directory with a password, change your database prefix, set a secure Super Administrator ID, migrate links pointing to your old domain on-the-fly and perform database maintenance, all with a single click.
The Professional version of Admin Tools provides you much more then the free version. And few of its best features are –
- Web Application Firewall to block common exploits (SQL injection, XSS, DFI, RFI, malicious user agent, CSRF/spam-bot protection, uploads scanner)
- Bad word filtering
- IP Whitelisting for the administrator section
- Modification of Generator meta tag and other sensitive HTTP headers
- Email on administrator login
- Block front-end Super Administrator log-in
- Block Super Administrator user modification
- Block extensions installation
- Block visual fingerprinting (tmpl, template and tp URL parameters)
- Integration of the Bad Behavior anti-spam library
- Project Honeypot IP blacklist integration
- Automatic IP blocking of repeat offenders
- Email notifications of all detected security issues
- URL redirections (exclusive support for query parameters!)
- Scheduled site maintenance operations
2. Akeeba Backup
Akeeba Backup is an open-source, free and non-commercial backup component. Its mission is simple: create a site backup that can be restored on any Joomla!-capable server. Its possibilities: endless. It creates a full backup of your site in a single archive. The archive contains all the files, a database snapshot and an installer similar in function to the standard Joomla! installer. The backup and restore process is AJAX powered to avoid server timeouts, even with huge sites. Alternatively, you can make a backup of only your database, or only your files.
3. JISecure My Site
JISecure My Site is simple plugin which add key & value requirement to the administrator url. This will prevent unauthorised visitors to access the admin panel without correct permission.
For example, if you configure the plugin to use key=foo & value=bar, the url for your administrator panel must be: http://myjoomladomain.com/administrator?foo=bar
jSecure hides your Joomla administrator URL with a special key so that only you can access. The problem with Joomla is that anyone can tell if your site is Joomla by simply typing in the default URL to the administration area (i.e. http://www.yoursite.com/administrator). jSecure helps you hide the fact that your website is built with Joomla from prying eyes.
Check out jSecure in action here: http://www.joomlaserviceprovider.com/
Hello joomlaserviceprovider
Your additional comments on jSecure is much appreciated.
Thanks for the wonderful plugins list but I think manual security is an essential part to secure a Joomla blog.
You are correct Janyson, As there are so many Joomla developers who are not comfortable in manual security implementation so this post is specially dedicated to them
.