Minimizing Brute Force Attacks on Joomla’s Backend Using .htaccess
If you’re running a Joomla website and you regularly check your Apache web server logs, you will notice that these logs are full of brute force attacks. These brute force attacks consist of continuous POST requests to your Joomla website, with dictionary based combinations of usernames and passwords, with the hope that one of these […]
MySQL’s “SELECT INTO OUTFILE” – Should Joomla Administrators Be Afraid?
Note: This post is very advanced and is targeted at system administrators and advanced programmers. Another note: The aim of this post is strictly to promote security on Joomla websites and to investigate potential threats. It is not aimed at teaching others how to exploit websites. After reading a post this morning on the dangers […]
MySQL InnoDB Optimization for Large Joomla Websites
One of the first things that we used to do to resolve a substantial part of load issues caused by a Joomla website was to switch the main content tables from MySQL InnoDB database engine to MySQL MyISAM. The results were always impressive. Nevertheless, we always had conflicting feelings after the switch: while we were […]
“The File Cache Storage is not supported on this platform.” Error After Updating to Joomla 3.6
A client called us very early this morning and told us that after he updated to Joomla 3.6 (from Joomla 3.5.1), he was seeing the following fatal error on the Joomla backend: The File Cache Storage is not supported on this platform. We immediately investigated the issue (it was around 5 AM), and we realized […]
Searching for the “*/$” Pattern on Your Joomla Website to Discover Hacked Files
Over the course of the last decade, we have unhacked and secured many Joomla websites ranging in size from very small to very large. In most cases, cleaning up a Joomla website consists of the following steps: Blocking all traffic to the website. Backing up the website. Overwriting the core files from a fresh Joomla […]
“Could not connect to MySQL.” Error on a Joomla Website
Yesterday (Friday) we explained how a full disk brought the Joomla website of a client of ours completely down. We also mentioned that we upgraded the VPS plan of that client to a more generous plan in terms of disk drive and memory – what we didn’t mention, however, was that the VPS upgrade did […]
“An error has occurred” When Trying to Login to the Backend of a Joomla Website
A regular client of ours called us a couple of hours ago and told us that her company’s website was down, and she was seeing a weird error when trying to login to the administrator section of her Joomla website. We immediately checked the website and we noticed that the website was complaining about too […]