security - JoomShaper


  • Enhance Joomla website security by hiding admin login URL

    Security has no boundary. It’s much more than a complex password. What if we could prevent attackers from getting into the login page entirely? This would give your site a better state of security. The default admin login URL of a Joomla site looks like “”. This address brings the admin login area by default. Now we will see how to change this URL to hide the backend login door.

  • How can I find out if My Joomla! website is hacked?

    As we may say true is horrible but unknown is even worse. You'd be surprised how many people, companies live in blissful ignorance that safeguarding of their websites have been defeated. Never before malware authors and hidden advertising were not so good at disguising their malicious code.

  • How many Joomla! extensions You should use?

    Joomla! is no doubt one of the best CMS on the market (WP will not changed that). With more than 7900 extensions, components, modules and plugins to choose from in the Joomla! Extensions Directory (JED), it’s easy to feel like a kid in a candy store. Do you enjoy the discover of new ones, finding the right module to solve a particular problem on your site, and then setting it up?

  • How to enable two-step authentication in Joomla

    Two-step authentication is a safety feature that adds an extra layer of security on your Joomla site. Two factor authentication (2FA) is widely used in most of the popular online services. Here is how to enable 2-step authentication in your Joomla site.

  • How to fix Joomla mixed content warning for HTTPS

    Google uses many factors for ranking websites, HTTPS is one of them. Those websites which don't have it or use mixed-content are "punished". Lots of webmasters/site owners bought SSL-certificates and switched to HTTPS for their websites. But after enabling SSL, instead of a green padlock, they have a yellow padlock icon in the address bar. Most people wonder, why it happened and how to fix it. In this blog post, we will help you diagnose a common problem with your SSL enabled site and show the way to solve it.

  • How to secure Joomla website and go on holiday


    It seems that holiday has begun for school children, many parents now thinking about sun and free time with family. Also students have finished their exams, but one question still remains: Will all my Joomla 3.x websites be safe and can I leave them without worries for couple of days? What I should do.

  • Joomla! 3.4.4 Released - Security Update

    Joomla 3.4.4 is available from today. Remember this is a security release for the 3.x series of Joomla! Although this release fixes a low level security issue (XSS Vulnerability), we all strongly encourage you update your websites.

  • Joomla! Security CheckList

    Joomla! Web Site Security

    Joomla! is second largest CMS (after WordPress) downloaded over 68 million times and latest research by SUCURI reveals second infected website platform. Joomla! sites, especially ones running older versions of the CMS or it’s extensions are a very popular target for both experienced hackers and script-kiddies alike. In this guide, we’ve taken some time to detail a few measures which can be taken to address Joomla! Security – the basic security checklist for Joomla! (and not only).

  • My Joomla site was hacked! How to Clean a Site

    Something just isn’t right with your Joomla site. Maybe you’re seeing white screen, or dark background with hacker/his country flag, weird links/adverts in bottom section, or perhaps your site redirects to a another site (not yours). If you are lucky, you will get a notification from your host support that you have got infected files. A sad reality about running site on CMS is that sometimes they could get hacked. We all know exactly how stressful it can be for you and your client. Real nightmare.

  • Simple & powerful brute-force protection

    Blocking Brute Force Attacks

    According to different stats brute-force attack is still very popular method in the hands of Cyber-Criminals. This type of attack is an attempt by a cracker to gain illegitimate access to your system (admin area mostly) by attempting to login using common usernames & passwords in rapid succession. And to obfuscate their malicious activity, the attack is executed from multiple IP addresses, either via proxy or possibly a botnet. That's why we decided to write a short guide about blocking Brute Force Attacks , a simple method which for all popular CMS, not only Joomla! and WordPress.

  • Upgrade Joomla OR cry over the hacked site

    The Joomla! development team announces the immediate availability of new version 3.9.x. This is mainly a security release, because critical security issue  and a bug fix for two-factor authentication has been found in the Joomla! core lastly. Security bugs and some small others were fixed in this release. All Joomla! users are encouraged to upgrade to this version, as soon as possible. Of course backup first.

  • Ways to Protect Your Joomla Site from Hackers

    There several ways to make a hacker job as difficult as possible. If you run a Joomla 3.5 (or older) website, you should absolutely take at least basic steps to secure it against intruders. Some facts, according to Sophos Labs,  30,000 new sites a day that is hacked! Yes, that’s a shocking number. I guess you won't be part of this stats.