This SUCURI Newsletter contains useful advice for Joomlers

joomla support cheshire manchester merseyside north west ukI read with interest this month's newsletter from SUCURI, the respected website security company.

This month the focus is thankfully on recent Magento and Wordpress vulnerabilities and not Joomla! ones.

Whilst not being about Joomla! the linked articles do nevertheless make interesting reading for Joomlers.

One article stands out

The linked article entitled "SEO Spam Campaign Exploiting WordPress REST API Vulnerability" (15 March 2017) stands out for me.

Here's why:

  1. The article neatly summarises how SEO spammers seek to exploit vulnerable websites.
  2. Its conclusions are relevant to all website owners, including Joomlers.
  3. It shines an interesting spotlight on how hackers hide behind Content Distribution Networks (or CDNs) like Cloudflare.

About this latest exploit

SUCURI describe how this particular SEO Spam exploit affects compromised Wordpress websites, namely that it:

  • deletes legitimate posts (destroying maybe many hours of your work), and
  • damages reputations when website visitors see the visible spam which is added to the compromised website in its place.

It is however the lessons drawn that will interest Joomlers. 

Lessons drawn of interest to Joomlers

Regularly review your website content.

Employ 'automated website security monitoring' to alert you when there have been content changes. Example: MyJoomla.

Keep your CMS and its extensions up to date - esential following a security patch.

Use a Web Application Firewall (WAF) to virtually patch your site against known and emerging attacks. Example: Akeeba Admin Tools.

  • USEFUL if you cannot immediately implement a security patch.
  • ESSENTIAL (in my own view) if the security vulnerability has been in the wild (not known about) for even a few days.

Make frequent backups of your website.

Read the article for yourself at: sucuri.net.

 

Make Joomla! CMS Security YOUR #1 Priority

joomla support cheshire manchester merseyside north west ukWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.