Joomla! Security Checklist

As Joomla! is an open source content management system(CMS), it can subject to a great number of various hacking attacks. That`s why it is very important to improve Joomla security every day and use all possible methods for this. Follow the instructions bellow and you will get essential knowledge in Joomla security and, how not to be attacked by hackers.


Tutorial sections:

Section 1: Keep Joomla and all extensions up-to-date

The most important part of Joomla security settings is the keeping of your website version of Joomla up-to-date. In almost all versions of Joomla update, there are security improvements. For more information read our tutorial: How to update Joomla to the latest versions.


Keeping Joomla extensions up-to-date is equally important for the Joomla security. Generally, there are much more attack that use security problems in extensions, than in the Joomla files. If you want to improve your Joomla security level, follow our tutorial How to update Joomla extensions.

Joomla security. Joomla update

Follow our tutorials:

Section 2: Use Strong Login Details

To improve Joomla security, you shouldn’t use default user names like "admin" or "administartor". Those words are on the first place in the list that potential intruder will try.


The second step is to have a strong password. A lot of intruders try to hack your login details. Together with the list of popular login names the also have the list of commonly used password, so follow our instruction and create strong password to improve your Joomla security.

  • Don't use common words for passwords like: admin, admin123, qwerty, 123456 etc;
  • Avoid personal information in passwords like your personal or family name;
  • Avoid password generators. Password generators use algorithms to generate the passwords which can be compromised by an attacker;
  • Use as many special characters ( *!@#)$ ), numbers and capital letters in your password as possible.
Joomla security. Strong Password

Section 3: Use Proper File Permissions & Ownership

The next step in making strong Joomla security is to set the right file permissions for the files and folders. We recommend to follow our suggestions:

  • The permissions for Joomla folders - 755;
  • The permissions for Joomla files - 644;
  • The permissions for configuration.php file - 444.
Joomla security. File permissions

Follow our tutorial to know how to change file permissions.

Section 4: Use Joomla Security Extensions

Antoher way to improve Joomla Security of your website is using if Joomla Security Extensions. There are a great amount of such extensions, bellow you can find a list of the most populat Joomla Security Extensions:

Joomla security. Joomla security extensions

Section 5: Often make backups

It is very important to make backups of your Joomla website. You have to make backups as often as it possible. Keep backups of the website Joomla files and database on your local computer, you will never know what can happen with your website. We have prepared two tutorials of the most popular methods of making backups: "How to backup Joomla! manually?" and "How to backup Joomla! through hosting?". Follow this two tutorials and find out how you can make a full backup of your website.

Joomla security. Often make backups