When you discover that your site has been hacked it's like you're discovering your house burglar...
It was a day like any other until you logged into your website. Instead of your homepage, a blank or black page indicates "You've been hacked by..." or a registration that your host has blocked your website.
If you do not have a maintenance contract with your web agency, you may have a long period of solitude. When you have a fire at home, you call the fire department, you don't try to put out a fire yourself. Unless you have a solid knowledge of the subject, this is also true when you discover your website offline because of a hacker.
Understand to prevent history from repeating itself.
Joomla! is a popular CMS which means that it is regularly analyzed by malicious people to detect potential vulnerabilities in its system. It should also be noted that by default it does not have a complex security system.
To use our analogy with a house, it's a bit like having standard doors and windows. If you want something more solid, you will have to do it yourself or order security doors from your carpenter. For your website, it's the same.
Hosters set up security for you but they are not enough to block all intrusions. Worse, if you forget to close the door of your home, even the best security system will not be able to do anything for you. This is also true for your website.
You may say my site is not very important. I can take the risk of getting hacked. If it is not very important why have a website? Every time you get hacked, you lose sales, online presence, you risk being downgraded in SEO, or even having your data and those of your customers stolen. Considering how that leaves you wondering, no?
Act to reduce risks.
Your site must be a fortress and you must choose where people will enter.
To do this, you must respect some advice:
- It can never be said enough, you must make sure that your Joomla! or others are always up to date. As soon as an official update is released, you should consider installing it and not wait until next year. Your website must be regularly maintained just like your boiler or car. Updates are your first line of defense against hackers.
- Avoid installing components whose source is not secure. Don't believe the first advertisement that came along. You should take the time to find out about the reputation of a company that has developed a component for Joomla! or another CMS. Sometimes, by installing this great tool that allows you to make quotes online, you unknowingly open a back door in your fortress.
- Many attacks occur directly on the site administrator account. You must customize it and especially not keep the default account. Don't forget to have a real complex password policy. Example: W*G49wuqF8@-
- Install a firewall for your Joomla! or other CMS. It will make your life easier if you read the documentation. The firewall is a bit like the guards at the entrance to your castle. They prevent the enemy from entering your stronghold without your permission.
- If your data is sensitive, you should think about encrypting your data! Believing that data theft only happens to others is a mistake.
- Set up regular backups, i.e. 7 days a week with retentions over several weeks or even months.
- Think of setting up a system that checks all modified files in order to quickly detect suspicious movements on your site.
For requests for offers or special questions you can contact us via the form below.