Latest SUCURI Newsletter contains useful advice for Joomlers

joomla support cheshire manchester merseyside north west ukI read with interest this month's newsletter from SUCURI, the respected website security company.

This month the focus is thankfully on recent Magento and Wordpress vulnerabilities and not Joomla! ones.

Whilst not being about Joomla! the linked articles do nevertheless make interesting reading for Joomlers.

One article stands out

The linked article entitled "SEO Spam Campaign Exploiting WordPress REST API Vulnerability" (15 March 2017) stands out for me.

Here's why:

  1. The article neatly summarises how SEO spammers seek to exploit vulnerable websites.
  2. Its conclusions are relevant to all website owners, including Joomlers.
  3. It shines an interesting spotlight on how hackers hide behind Content Distribution Networks (or CDNs) like Cloudflare.

About this latest exploit

SUCURI describe how this particular SEO Spam exploit affects compromised Wordpress websites, namely that it:

  • deletes legitimate posts (destroying maybe many hours of your work), and
  • damages reputations when website visitors see the visible spam which is added to the compromised website in its place.

It is however the lessons drawn that will interest Joomlers. 

Lessons drawn of interest to Joomlers

Regularly review your website content.

Employ 'automated website security monitoring' to alert you when there have been content changes. Example: MyJoomla.

Keep your CMS and its extensions up to date - esential following a security patch.

Use a Web Application Firewall (WAF) to virtually patch your site against known and emerging attacks. Example: Akeeba Admin Tools.

  • USEFUL if you cannot immediately implement a security patch.
  • ESSENTIAL (in my own view) if the security vulnerability has been in the wild (not known about) for even a few days.

Make frequent backups of your website.

Read the article for yourself at:

Subscribe to the SUCURI Newsletter

I would encourage you to subscribe to the newsletter - you can do so when you visit the above link.

A future issue will almost certainly shine a spotlight on a new vulnerability that has been discovered iin the Joomla! CMS.

You will then be able to react and hopefully before it is too late.

But is is better to be PROACTIVE!

WYNCHCO Joomla! CMS Support

We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Read more: WYNCHCO Joomla! CMS Support Packages.