Joomla security

Implementing a secure Joomla website.

#First create the MariaDB/mySQL database


mysql -u root -p
CREATE DATABASE <YourDatabaseName>;
CREATE USER <UsernameForJoomla>@localhost;
SET PASSWORD FOR '<UsernameForJoomla>'@'localhost' = PASSWORD("<Your Password>");
GRANT ALL PRIVILEGES ON <YourDatabaseName>.* TO '<UsernameForJoomla>'@'localhost' IDENTIFIED BY '<Your Password>' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit;


cd /var/www
touch configuration.php
chmod 777 configuration.php

rm -rf /var/www/html

http://<localhost>
(if you get the standard Apache welcome screen, delete the index.html from /var/www)


Configure Joomla


Websitenaam: <Your website name>

Gebruikersnaam/Admin user: <Your admin name>
Admin ww: <Your admin password>

User: <UsernameForJoomla>
User ww: <Your Password>
Database: <YourDatabaseName>
Oude database: Verwijder
Voorbeeld...: Nee

Na grafische installatie:
cd /var/www
mv installation installation_OLD_USED (behalve als al via GUI verwijderd)

chmod 444 configuration.php

http://<localhost>/administrator

 

 

Add the following to the Apache config.

vi /etc/apache2/conf-available/joomla.conf
#
#
Alias /administrator /var/www/administrator/

<Directory /var/www/administrator/>
<RequireAll>
Require ip <You internal IPrange like 192.168.178.>
</RequireAll>
</Directory>

<Directory "/var/www/configuration.php">
Require all denied
</Directory>

DirectoryIndex index.php index.html
<LocationMatch "^/[^/]*\.(php|html|txt).*">
Require all denied
</LocationMatch>
<LocationMatch "^/index\.(php|htm).*">
Require all granted
</LocationMatch>
<LocationMatch "^/google.*\.html">
Require all granted
</LocationMatch>
<LocationMatch "^/robots\.txt">
Require all granted
</LocationMatch>

 

Activate the new config via:

a2enconf joomla

systemctl reload apache2

What do you think or any questions?

Send us feedback!

Enter the sum of the numbers.

Menu

  If you like my website, feel free to donate via the Paypal button... A small amount for a cup of coffee is enough ;-) Thank you!