Hi,

Just about to start working on ecommerce site and have been doing some reading about Joomla security
Found this to automate changing Superadmin 62 problem

bodvoc.com/index.php?option=com_content&view=article&id=4:changing-the-default-joomla-administrator-id&catid=2:joomla-security&Itemid=3

What does everybody think? - you do have to register however. I didn't really understand how to change the sql with queries so gave it a spin

Client is completely obsessed about security - his oscommerce site has now been hacked 3 times!

Cheers
Paul

Paul,

Security and Joomla has 'always' been a hot topic and any steps you can take to tighten-up your Joomla site should be taken. This is especially true if you allow for site registration, comments, ecommerce or any type of upload or download option. What is being talked about in that article is 100% valid and should be a required step if your running/managing a Joomla site. There are also other apps you can purchase/install that will also assist in keeping the bad guys at bay or the very least, guessing what CMS your operating. The one little free app I love is called, jSecure Authentication (www.joomlaserviceprovider.com/). Another extension that I purchased without batting an eye is Admin Tools by Akeeba (www.akeebabackup.com/software/item/860.html). The one step I always take after any Joomla installation is to go through each page's source code and search for the keyword, Joomla. If found, I always, always, always find ways to remove it from the app generating it. Believe me... I love Joomla but I also love the sites I've created and want to make sure they stay 'live'!

I'm hoping some of the other Mods, users take the time to read your post and submit their feedback and/or success stories. We all become 'stronger' working together and 'sharing' what has been found to 'work'.

Ed

Related to that also read Nicholas' posts in the Joomla magazine magazine.joomla.org/authors/itemlist/user/89-nicholaskdionysopoulos for some great info.

Cheers Ed - I use jSecure on everything - only problem with that is how often clients forget their passwords! I'm looking at the akeebackup now - looks good
jsecure now costs $4.99 but worth it


Thanks for the article tip Astrophel - busy reading the articles. This is where I first read about changing superadmin 62

I'm going to write myself a little list of jobs to enable me to manage security for every site.

So far database prefix change, superadmin change, complex password (changed regularly), jSecure, jHackGuard and password protecting admin folder in live sites - any I should add?

Now also looking at Akeebackup options as well thanks to Ed

Cheers
Paul

Hi Paul,

You can add a fearsome .htaccess file to that list. Provides more protection than those extensions will:

snipt.net/nikosdion/the-master-htaccess

I just wrote a blog post about Admin Tools here:
www.joomlabamboo.com/blog/bamboo-blog/how-to-update-your-joomla-site

I think its a pretty amazing extension.

Anthony