A Very Long Password in Joomla Does Not Mean Better Security

A new client of ours called us very early in the morning and told us that his website was hacked and he wanted our help to clean it. He told us over the phone that he had no idea how he got hacked despite the fact that he had a very long and complex password […]

White Screen when Trying to Edit a Joomla Article: How to Fix

It’s Friday – time for everyone to relax a bit and plan for the weekend! Everyone, of course, except for us! We work 24/7/365! In fact, last Sunday, a client emailed us and told us that they have a problem when editing articles in Joomla’s backend: whenever they click on an article to edit it, […]

“You are not permitted to use that link to directly access that page” Error when Trying to Edit a Joomla Article

An important client of ours emailed us yesterday and told us that they were having the following problem: whenever they edit an article, save it (or close it), and then try to re-open it, they are redirected back to the Articles Manager page (instead of being redirected to the edit page of the article). They […]

How Content-Security-Policy Can Help Protect Your Joomla Website

Have you ever heard of Content-Security-Policy? If not, then we’re sure that you will find this post extremely informative and interesting… In short, Content-Security-Policy is a policy set in the httpd.conf file, the .htaccess file, or as a meta tag (in the HTML code) that is typically used to prevent the website from running external […]

A Couple of Shell Commands to Find Hacked PHP Files on a Joomla Website

Note: This post assumes your website is running on a WHM environment. If your website is running on Plesk than the physical location of your Joomla website will be different. Another note: This post assumes you have some very basic Linux knowledge. If that’s not the case then you can ask some Joomla security experts […]

How to Completely Disable Session Activity for Visitors on Joomla Websites

Note: This post contains core modifications. If you’re not comfortable with doing core modifications, then please ask some Joomla experts to do it for you. Another note: This post assumes that your website doesn’t allow users to login to the frontend – if that’s not the case then please be aware that the modifications below […]

The Hidden Downside of Embedding Joomla Modules in Articles

One of the really nice features that Joomla has is loading modules within articles using loadmodule or loadposition (or using an 3rd party extension such as Modules Anywhere). It is an excellent functionality that permits Joomla administrators to leverage the power of modules within articles (or even within modules if using Modules Anywhere). That flexibility, […]

A Super Quick Guide to Deal with a Hacked Joomla Website

You wake up one morning, and you get that nasty email from Google telling you that your Joomla website is hacked. So what do you do? Well, first of all you relax knowing that this can happen to anyone in this galaxy, and then, you follow the below guide: Backup your Joomla website (filesystem and […]

Internal Server Error on Joomla’s Backend Login Page – How to Fix

A client emailed us very early in the morning and told us that whenever he tried to access the login page of the backend of his Joomla website (e.g. http://www.ourclientjoomlawebsite.com/administrator ), he was seeing a 500 Internal Server Error page. He told us that the frontend worked flawlessly, and the problem was only in the […]