Most experts recommend protecting live websites with a Joomla security extension. Produced by one of the most influential Joomla developers, Admin Tools provides a suite of tools that help keep your website safe and running smoothly.

Website security is a broad topic and sometimes complicated topic. Admin Tools makes site security much more accessible. And performing the tasks below is an easy and convenient way to harden your website against attackers.

1. Password protect the Administrator folder.

Free and Pro versions (use occasionally).

Many hacking and intrusion attempts in Joomla are directed at the Administrator folder.

Password protecting this folder is a great way to discourage many attempts to access your Joomla website.

Admin Tools makes this easy. Simply click the Password-protect Administrator button on the Admin Tools Dashboard and enter the desired username and password.

We recommend changing this password regularly based on the security policy for your website, company or organization.

2. Fix file permissions.

Free and Pro versions (use regularly).

The files and folders on your webserver have permissions and access rules. Appropriate permissions allow the public to use your website but not modify it.

Fortunately, using a Joomla security extension like Admin Tools means you don’t need a system administrator to apply safe file/folder permissions. A single click on the Fix Permissions button is enough to repair any issues.

We recommend using this feature regularly, especially after installing new extensions and performing site maintenance.

Additionally, fixing permissions is a good first step when troubleshooting bugs on your website. It rules out permissions as a source of the problem.

3. Create a strong .htaccess file.

Pro version only (use occasionally).

An .htaccess file is a configuration file placed in the root of your website that allows you to customize some aspects of your server configuration.

Joomla ships with a default .htaccess file which users can enable when — for example — enabling search engine friendly URLs.

However, adding the appropriate directives to an .htaccess file can significantly improve the security of your Joomla website (and indeed almost every website).

The only problem with .htaccess files is that they can be tricky to configure.

Admin Tools Professional simplifies the process of configuring and generating .htaccess files. The end result is a website that performs better and remains safe from a great many threats. These include common file injection attacks, clickjacking, and access by malicious user agents, to name but a few.

Hardening your server via the .htaccess file should be updated regularly as security best practices are always evolving.

The .htaccess maker is routinely updated  so it’s a good idea to review your settings on a regular basis and apply any changes to your .htaccess file as appropriate.

Use a Joomla security extension to protect your website

Admin Tools is a must-have add-on for any web development professional and indeed any hobbyist who takes Joomla security seriously.

With a very robust free version, and an affordable professional version, there is little reason to maintain a Joomla website without Admin Tools.

More Joomla security tips

If you’re looking for more Joomla security tips, check out our blog posts on securing both your Joomla template and your web agency policies.