Website security has always been a hot topic, and now it’s even a hotter topic as security standards, such as PCI-DSS, are becoming required by credit card companies as well as internal security auditors (especially in schools, universities, and other websites). As a result, we are currently experiencing a surge in projects consisting of securing a company’s/individual’s website(s) in order to meet the necessary requirements. We are proud to say that we were able to do the job every time, and every website we have secured was marked as “passed” or “secured” (depending on the security test).
So how do we secure your Joomla website?
We follow the below process:
- We check your Joomla version, and if you’re using a very old version, then we suggest you upgrade it to the latest version.
- If you choose not to upgrade Joomla, we will fix all the vulnerabilities in your current version.
- We check all the non-standard extensions that you have installed on your website, and we see if you are using the latest version of each extension. If you’re not, then we’ll update it1.
- We will then run a security scan provided by Acunetix2 in order to check for the following vulnerabilities:
- XSS
- SQL Injection
- Exposed passwords
- Exposed directory strucutre
- We will then fix all the code that is marked as vulnerable, and then we run the test again, until your website passes the scan.
- We will then check the permissions on your directories/files, and remove non-required permissions (for example, index.php is often assigned a permission of 664 or 644, while it only needs a permission of 444).
- If you’re looking to satisfy the PCI requirements, then at this point we’re almost 90% done. We will then work exclusively to make your Joomla website PCI compliant.
Do you see now why we are the Joomla Security Experts?
How much time will this job takes? It takes 3 days to finish the whole job from A to Z and make your website secure. Note that for PCI requirements our job is restricted to securing your website and advising on the right course of action for security your network.
So what will be the total cost for securing a Joomla website? Since it takes 3 days3, then it’s 24 hours, and at the current rate of $75/hour, the total will be $1,800, and you pay only if the website is secure.
Securing your website will give you peace of mind, and will make your visitors at ease especially when you’re accepting payments on your website. If you are interested in making your website bullet proof, then contact us, and we will get the job done – promise!
1We may not update it if the newer version is problematic or is substantially different than the older version.
1Acunetix is a 3rd party software and our clients are responsible for buying the necessary license to run the tests.
3Upgrading Joomla is a separate project and will take us an additional day (8 hours) to finish.
[…] We are experts in Joomla and Joomla security! […]
[…] is excellent, your website’s security is prioritized (mainly because you are dealing with Joomla security experts), and you will be guaranteed to pay the same amount of money even if the work takes longer. […]
[…] in and for itself, is secure, but quite often the 3rd party extensions are not. Since we are the Joomla security experts, we fix all the security issues with each one of these websites, and then we run a 3rd party scan […]
[…] necessary for your website to have a feature to allow people to upload scripts, then ask some Joomla security experts to secure that […]
[…] then try to read the code and see what it does if you have some programming skills or contact some Joomla Security Experts if you […]
[…] experience, or if you can’t locate/solve the problem by yourself, then just call the Joomla Security Experts. These experts will help you immediately, and they will most likely be able to restore your website […]
[…] The answer is simple, yet it’s complicated at the same time. The straightforward answer is to block any HTML/JavaScript code from being inserted into your website by using escaping and/or encoding, but at many times you may need to allow your users to insert HTML code, which will make the process of protecting your website while maintaining the same functionality complicated. You will need to allow some HTML code and disallow some other HTML code. You will need to ensure that your users will still be able to do all the legal activities (that you allow) on your website and that malicious attackers cannot inject any bad code into your content. For that, of course, you need to have programming experience or you need to outsource this work to the Joomla Security Experts. […]
[…] are the Joomla Security Experts. We use advanced techniques and a world class security software (see Acunetix and Joomla) to ensure […]
[…] Joomla security experts are there for a reason – to make sure that your Joomla website is safe and resilient to most malicious attacks. Asking them for help usually saves you a lot of time and money on the long run. […]