There's no free lunch! Don't be fooled by Joomla's award-winning ease of use. Maintaining a secure, dynamic Web site on
the open Internet is not easy. Adequate security requires constant watchfullness and effort.
There's no one right way!
Due to the variety and complexity of modern web servers, security
issues can't be resolved with simple, one-size-fits-all solutions. You,
or someone you trust, must learn enough about your web server
infrastructure to make valid security decisions.
There's no substitute for experience! To secure your web site, you must gain
real experience much of which will be bitter), or get experienced help from
others.
Rise above the herd: The Security Forums are filled with "Help! I've been hacked" posts by people who did NOT follow standard security practices (this author included ). If you decided to study documents such as this before your site is compromised, congratulation, you're already ahead of the herd.
It's not as hard as it looks:
The following checklist may seem intimidating, but you don't have to
deal with all of it at once. As you become more familiar with
GNU/Linux, Apache, MySQL, PHP, HTTP, and Joomla, you'll add refinements
to your combination of security tactics. Security is a moving target,
so today's expert might be tomorrow's victim. Welcome to the game...
). If you decided to study documents such as this before your site is compromised, congratulation, you're already ahead of the herd.
