Joomla Security: How to Secure Your Joomla Website During Installation

(Last Updated On: October 21, 2019)

Want to secure your Joomla website at the installation point? This JovialGuide will show you how to secure your Joomla website during installation.

Your Joomla website will be secure if you play the right role as the website administrator.

You as the Website Administrator

One of your goals as a Joomla website owner/administrator is to secure your Joomla website because being hacked is very painful.

During the installation of Joomla, you’ll be asked to enter vital details before being able to proceed. These vital details are powerful in the sense that if poor/weak details are chosen, it may cost you your Joomla website later. This is the reason you should secure your Joomla website during installation.

Your Joomla website will be secure if you do the rightful things!

Securing your Joomla website requires you to invest a lot of attention, etc.

You as the website administrator, if you are less concerned about your Joomla website, you may end up loosing it.

This JovialGuide covers everything you need to know to secure your website during Joomla installation.

Note:- before you proceed with our JovialGuide on how to secure your Joomla website during installation, we’d like to let you know that any vital detail you enter during the installation of Joomla (whether weak admin password or weak database password, mistyped password, page title, etc.), can be changed later. This is the power of Joomla!

How to Secure your Joomla Website During Installation

Protecting your Joomla website during installation will make your website less vulnerable to attacks. In this section, everything has been properly broken down, this would make it easier for you to understand.

The following sub-sections of this Joomla tutorial will show you how to secure your Joomla website during installation.

1. Choose a Secure Joomla Hosting Company

Before you begin with the installation of Joomla, you have to decide where you’d like to install Joomla.

Joomla can be installed on;

  • a live webserver – accessible by anyone
  • a local webserver (localhost) – accessible by only you

Hosting your Joomla website on a live webserver requires more attention in terms of security than having your Joomla website hosted on a local webserver. This is because it is opened to the world (anyone can access it from anywhere).

Your Joomla hosting provider contributes greatly to most of the vulnerabilities in your Joomla website. Choosing a reliable Joomla hosting provider that is configured for security should be the first thing you should always have in mind when choosing a Joomla hosting company.

Another thing you should understand about website hosting is the differences between Joomla hosting plans.

Shared Joomla hosting is the cheapest and most recommended hosting plan for small websites. If you host your website on a shared Joomla hosting server, your website will become vulnerable to attacks. This is because you share web hosting resources with other websites. Any website that gets attacked may put your own website at risk.

Since you share the same server with other website owners, an attack on any website may affect your website!

Managed Joomla hosting is more secure than shared Joomla hosting because you do not share the same webserver/hosting resources with other website.

When you pay for a managed Joomla hosting plan, you are given a properly configured and secure webserver with expert support. At this time, you don’t have to worry about the technical aspects of your Joomla website, they are managed by your Joomla hosting experts.

On a managed Joomla hosting plan, your Joomla website will not be at risk when any website is attacked. It won’t affect or risk your Joomla website because you are alone on that server.

The other side of managed Joomla hosting plan is that it is very expensive compare to shared Joomla hosting.

We recommend you do all of your Joomla hosting with InMotion Hosting, A2 Hosting or SiteGround.

Check out our list of the best Joomla hosting companies.

2. The Main Joomla Installation

This section is the most important section because it has to do with your website login details and database configuration settings.

The Joomla installation processes are grouped into 3 stages. These stages are:

  • the main configuration stage (first stage)
  • the database configuration stage (second stage)
  • and the overview stage (final stage)

Let’s look at them one after the other, starting from the main configuration stage.

The Main Configuration Stage

Main configuration stage in Joomla installation

This stage lets you enter the site name, description, super user username, email, and password. In this JovialGuide, we are only concentrating on the super user account details (email, username and password).

For super user account security, we recommend you;

  • Create a new Email account
  • Choose a smart username
  • Choose a strong password

Create a New Email Account

We recommend you create a new email account with a very complex password, specially for your Joomla website. This new Email account will not be used for any other website/verification, but only used as the admin Email account of the super user of your Joomla website.

Choose a Smart Username

You are to choose a name that would be used as the username of the super user.

Choose a Strong Password

When we say a strong password, we mean a complex password that cannot be pronounced.

Avoid using words such as; admin, pass, adminpass, 12345, abcde, 00000, etc. Also stay away from using your; name, date of birth, pet name, best friend’s name, etc., as your password. They are easy-to-guess! Using a complex password that cannot be pronounced or guessed hardens your Joomla website!

Your password should be upto 6 characters and above, made up of alphabets (capital and small letters), numbers, special characters (for example ¦¬]©{_$~), multiplication sign, division sign, etc. Your password should look like this: )2G=h%_/. Our password example contain numbers, letters (upper and lower case), and special characters, resulting to a total of 6 characters. With this example, your attackers will find it pretty hard to guess your password.

The Database Configuration Stage

Database configuration in Joomla installation

The database configuration stage (of Joomla) gives you the ability to specify the name of your Joomla database, username of the database, password of the database, host name, table prefix and an option to remove or backup old database tables from previous Joomla installation.

In this post, our concentrations are on database password and table prefix. They are the important things in Joomla security.

Database Password

Your database password must always be as strong as a rock, or, even stronger than a rock! For strong security, it should be a combination of letters (upper and lower cases), numbers and special characters. This alone will make it pretty hard for any attacker to get into your Joomla database through password guessing.

Table Prefix

A database table prefix or table prefix is a string added to the name of the table of your website’s database. It helps you run more than one or multiple installations on just one database.

Enter a complex table prefix into the table prefix field. It should be a combination of letters and numbers only, resulting to a total of 5 characters. It should be complex enough such that no one can guess it.

Your Joomla database table prefix should look something like this: g2y5f.

One last thing you should note is that your Joomla database table prefix should always end with an under-score (_). Your Joomla table prefix with an under-score will look like this g24yf_tablename. Where g24yf_ is the table prefix and tablename is the name of the table. That is the standard way of writing a table prefix.

The Overview Stage

overview stage of Joomla installation

The overview stage is the last stage in Joomla installation. This stage shows you all of the things you did right from the first stage to the last stage (main configuration stage and the database configuration stage). It also shows you other vital information you need to know about your Joomla website.

If any item is marked no, we recommend you contact your Joomla hosting provider for it to be corrected, else, it may affect your website’s performance.

That is how to secure your Joomla website during installation. For more tips on how to secure your Joomla website, see our ultimate Joomla security guide.

You have seen that the Joomla hosting company you use also matter in terms of security. Do choose a reliable hosting company for your Joomla website.

Check out other of our Joomla tutorials.

JovialGuide

We provide comprehensive tutorials. Reach us on Facebook via JovialGuide.

Leave a Reply

Your email address will not be published. Required fields are marked *

 

Shares