I recently attended a webinar by Siteground hosting that covered Joomla! website security. There was a lot of excellent information provided. The main takeaways were that no website is impossible to hack, security is an ongoing process, and all interested parties must be involved – the host, the developers, the end-users, and the add-on developers.
Securing your Joomla website is one of the first steps you should take when you setup a new site. But what happens if you don’t?
Getting hacked: the aftermath
As part of offering technical support, I always advise my clients to keep security in mind and take precautions. Unfortunately, many come to me with horror stories from non-responsive or absentee developers, unsure of what to do. Google blacklisted their site, visitors were getting trojan viruses, and their host hadn’t offered any support.
I won a new client when a group came to me after their current site was hacked. As I was not the developer of that site and had no contact with the host, it was easiest for me to completely rebuild the site from scratch. It was a simple site, and still took hours to rebuild. I would not recommend that for anyone!
For the client whose Joomla site was hacked, it was due to a vulnerable 3rd party extension. The web host was vigilant and caught and cleared the issue almost immediately. Following that experience, we implemented several measures to secure the site against future attacks. I recommend using Akeeba Admin tools and Akeeba backup, which are popular Joomla components that can help secure a website, and restore it should anything untoward happen.
I haven’t been hacked, what do I care?
So should you worry about security? My answer is unequivocally, yes. Even the smallest websites can get hacked – personal blogs, local support groups, kids’ sports teams. The hackers aren’t targeting you personally – they are instead targeting anybody and everybody on the World Wide Web. If you have a website, you are vulnerable. I won’t pretend to understand why hackers do what they do. Too much time on their hands, a true desire to be malicious, maybe even a misguided attempt to get people to secure their sites better.
One of the keys is having a good host, and another is having good technical support. I recommend SiteGround as an excellent host for both Joomla and WordPress-based sites, and of course, I’m happy to discuss your technical support needs!
