Hello, We've been hacked on two separate occasions. I suspect that the first time they got in through Joomla. And I know for sure that they got in through Joomla the second time. What can we do to secure this installation so these script kiddies can't get in and deface my sites? I've heard one solution is to block all OUTGOING on PORT 80 using iptables. However this presents me with a problem: The joomla sites have RSS feeds, and RSS won't work if OUTGOING PORT 80 is blocked. Is there a way around this? ANY Help and tips on security highly appreciated
I dont thing if this help but try have your joomla installation updated. If you block port 80 you block all nonsecure http requests.. i dont thing that is your security solution.
1) Keep your joomla installations up to date and have a look regularily on the jommla security announcements. 2) Mod security might help against some attacks: http://www.howtoforge.com/apache_mod_security 3) Secure your php installation. For example you can use suphp + php as cgi were you set the openbasedir to the root directory of the website. Additionally, you can create a custom php.ini for every website with this kind of setup and deactivate all php functions that are not absolutely nescessary for joomla e.g. functions like exec, system etc.
