Website security has always been a hot topic, and now it’s even a hotter topic as security standards, such as PCI-DSS, are becoming required by credit card companies as well as internal security auditors (especially in schools, universities, and other websites). As a result, we are currently experiencing a surge in projects consisting of securing a company’s/individual’s website(s) in order to meet the necessary requirements. We are proud to say that we were able to do the job every time, and every website we have secured was marked as “passed” or “secured” (depending on the security test).
So how do we secure your Joomla website?
We follow the below process:
- We check your Joomla version, and if you’re using a very old version, then we suggest you upgrade it to the latest version.
- If you choose not to upgrade Joomla, we will fix all the vulnerabilities in your current version.
- We check all the non-standard extensions that you have installed on your website, and we see if you are using the latest version of each extension. If you’re not, then we’ll update it1.
- We will then run a security scan provided by Acunetix2 in order to check for the following vulnerabilities:
- SQL Injection
- Exposed passwords
- Exposed directory strucutre
- We will then fix all the code that is marked as vulnerable, and then we run the test again, until your website passes the scan.
- We will then check the permissions on your directories/files, and remove non-required permissions (for example, index.php is often assigned a permission of 664 or 644, while it only needs a permission of 444).
- If you’re looking to satisfy the PCI requirements, then at this point we’re almost 90% done. We will then work exclusively to make your Joomla website PCI compliant.
Do you see now why we are the Joomla Security Experts?
How much time will this job takes? It takes 3 days to finish the whole job from A to Z and make your website secure. Note that for PCI requirements our job is restricted to securing your website and advising on the right course of action for security your network.
So what will be the total cost for securing a Joomla website? Since it takes 3 days3, then it’s 24 hours, and at the current rate of $75/hour, the total will be $1,800, and you pay only if the website is secure.
Securing your website will give you peace of mind, and will make your visitors at ease especially when you’re accepting payments on your website. If you are interested in making your website bullet proof, then contact us, and we will get the job done – promise!
1We may not update it if the newer version is problematic or is substantially different than the older version.
1Acunetix is a 3rd party software and our clients are responsible for buying the necessary license to run the tests.
3Upgrading Joomla is a separate project and will take us an additional day (8 hours) to finish.