"Why do you look at the speck of sawdust in your brother's eye and pay no attention to the plank in your own eye?" Source: Matthew 7:3
It is easy to blame anyone and everyone else when your website security is compromised by malware.
But actually, the most likely cause of website vulnerability is YOU the website administrator.
Ask yourself these questions
- log into your website control panel in a public area?
- leave your screen unattended whilst logged in?
- browse the web in another window whilst logged into your website control panel? 1
- use insecure passwords and usernames?
- never update your Joomla! CMS and its 3rd party extensions?
- never scan your computer for viruses and malware?
- not use a computer firewall and keep it up to date?
- let your web browser remember your login credentials?
- use an out of date operating system on your computer?
- never bother to update software installed on your computer?
- click on links in emails without thinking? 2
- open downloaded files without first scanning them for virus and malware?
If you answer YES to any of the above then there is a plank in your eye!
1. Improvements were made with the lauch of Joomla! 2.5 to reduce the risk of CSRF (cross site request forgery) when someone logged into Joomla! browsed the web in another tab. We still advise caution.
2. Hover before you click. Use a link expander like: http://wheredoesthislinkgo.com/.
Install and configure a Web Application Firewall?
Customise the Joomla! CMS .htaccess file to further tighten website security.
Periodically scan your Joomla! CMS for malware.
Provide training for members of your team to instill best practice.
Challenge your own behaviour!