Always use the latest release

Experience tells us that websites which use the latest available release of Joomla! CMS are more likely to be:

1) MORE SECURE

2) MORE ACCESSIBLE

3) MORE MOBILE FRIENDLY

4) FASTER

5) PERFORM BETTER IN SEARCH ENGINES

6) EASIER TO USE

Read more: How to find out about new releases.

Also check whether the server hosting your website is using the latest available release for a given version of PHP and MySQL.

We tell you how to check and consider which versions to use in our Joomla! User Guide.

Read more: About PHP & MySQL.

Frequently check for new releases

Frequently sign into your website's control panel.

When you do you will be prompted if there has been a new release of the Joomla! CMS.

You should also periodically visit the Official Joomla! website for the latest news about new releases.

Read more: www.joomla.org.

Subscribe to the Joomla! Project's Security News Mailing List.

Subscribe: Joomla! Security News Mailing List.

If you use RSS readers, subscribe to the Joomla Security News RSS Feed.

Subscribe: Joomla Security News RSS Feed.

Back up your website frequently

Frequently perform a FULL backup of your website (database and files).

If you have been making regular backups, and your website is compromised, you can restore your last known 'clean' back up.

Read more: How to back up your Joomla! CMS.

Add a Web Application Firewall to your website

If you value your Joomla! website then protect it.

Install, configure and maintain a Web Application Firewall (or WAF).

We believe that NO business should run a website without a Web Application Firewall.

Read more: Web Application Firewall.

Add an SSL Certificate to your website

When you add an SSL Certificate to your website's domain your user credentials will be encrypted when you sign into your website's control panel.

We recommend free Lets Encrypt SSL certificates which can be quickly and easily added when you sign into your hosting control panel.

There are some Joomla! and SEO settings that may need to be changed when you add SSL.

Read more: How to add a Lets Encrypt SSL Certificate.

Keep your computer Operating System & Web browser up to date

It is easy to forget about the device you use to connect to your website when thinking about website security.

Keep your device's Operating System and Web Browser up to date.

If not then you risk having your login credentials stolen when you visit your website to sign in and edit its content.

Read more: Protect your device, browser & web connection.