SECURITY ALERT: Website Defacement on Joomla
Our Security team received a number of alerts about website defacement on Joomla websites.
Therefore, we would like to propose to you some precautions to take in order to prevent website defacement:
1) Update your Joomla components from time to time.
2) Do not install older Joomla themes/components/addons on newer a Joomla version. Although the Joomla system is allowed to do so we do not recommend such installations (e.g you have Joomla 2.5 but install a Joomla component for version 2.3).
3) Remove or Delete any unused Joomla components or add-ons.
4) Change the Joomla default administrator username with another username. Default username: “admin”.
5) Change your Joomla administrator password on a periodic basis. Recommended: once every month.
6) Make sure all the File permissions are correct. File’s Permission: 644 while Folder’s permission: 755. As for the “Configuration.php” file, change permission to 444.
7) Back up your Joomla on a periodic basis. Recommended: at least once every month.
If you experience any issues, feel free to get back to us.