Most of our jobs that involve securing a Joomla website by removing all potential security threats have to do with Acunetix. Usually, our customers either come to us with an Acunetix report or ask us to run an Acunetix scan on their Joomla website.
Here are the couple of critical vulnerabilities that we typically find:
- SQL Injection vulnerabilities: Escaping is, in most cases, the solution. Usually SQL injection vulnerabilities exist in non-core Joomla extensions.
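
The following is an added example, not code from the original post or from any Joomla extension. It shows a concatenated query next to a hardened version, and goes slightly beyond the text by covering the cases where escaping alone is not enough (unquoted numbers and column names). PDO with in-memory SQLite stands in for the Joomla database driver; the table, function names and inputs are constructed for illustration.

```php
<?php
// Added example. PDO with in-memory SQLite stands in for the Joomla database
// driver; the table, rows, function names and inputs are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT, owner TEXT)");
$pdo->exec("INSERT INTO items (title, owner) VALUES
    ('Public page', 'alice'), ('Draft', 'bob'), ('Notes', 'alice')");

// BEFORE: request values concatenated straight into the statement.
function findUnsafe(PDO $pdo, string $owner, string $minId, string $order): array
{
    $sql = "SELECT id, title FROM items
            WHERE owner = '$owner' AND id > $minId ORDER BY $order";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// AFTER: each value is treated according to the SQL context it lands in.
function findSafe(PDO $pdo, string $owner, string $minId, string $order): array
{
    // String literal: escape and quote (in a Joomla extension: $db->quote()).
    $ownerSql = $pdo->quote($owner);
    // Unquoted number: escaping changes nothing here, so cast to int.
    $minIdSql = (int) $minId;
    // Column name: cannot be escaped as a value, so check an allow-list.
    $orderSql = in_array($order, ['id', 'title'], true) ? $order : 'id';

    $sql = "SELECT id, title FROM items
            WHERE owner = $ownerSql AND id > $minIdSql ORDER BY $orderSql";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed request values: the numeric parameter carries extra SQL.
$owner = 'alice';
$minId = '0 OR 1=1';
$order = 'title';

printf("unsafe: %d rows\n", count(findUnsafe($pdo, $owner, $minId, $order)));
printf("safe:   %d rows\n", count(findSafe($pdo, $owner, $minId, $order)));

// A legitimate value containing an apostrophe breaks the unsafe query
// but is handled by the safe one.
try {
    findUnsafe($pdo, "o'brien", '0', 'id');
} catch (PDOException $e) {
    echo "unsafe with apostrophe: SQL error\n";
}
printf("safe with apostrophe: %d rows\n", count(findSafe($pdo, "o'brien", '0', 'id')));
```

With these inputs the concatenated query returns rows for every owner, while the hardened one returns only the rows owned by `alice`.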
It takes us anywhere between 2 and 3 days to finish the job (cleaning all the extensions and fixing the code). For our small business customers, we follow up with them every quarter to ensure that their website is still bulletproof.
For those of you who want to know, the common reasons why our customers run these security scans on their websites are:
- They (our customers) want to become PCI compliant, so it’s a pre-PCI compliance test.
- They run a mission-critical website that should not be hacked.
- They run a government website where there are standards that must be met when it comes to security.