Joomla best-practice and security audit tool released
We are excited to finally announce the public release of our latest tool for Joomla — the website audit!
We internally tested the audit tool for months, as well as privately releasing it to our beta testers 4 weeks ago. On Monday we silently released it to the public in preparation for our 3rd birthday celebrations.
A brief overview of the Audit tool is shown in the video below:
The Audit currently performs 4 main functions.
1. Joomla configuration and best-practices detection
This part of the audit scans for many of the well-known Joomla best-practices such as:
- Removing administrator with known usernames
- Using strong passwords for Joomla users and for your database
- Disabling guest user registration
- Using random database prefixes
- Disabling Magic Quotes and Register Globals
This section checks a total of 22 items.
2. Joomla Filesystem Integrity
The audit tool in this part scans for any hacking of core files distributed in the Joomla core package.
3. File & Folder Permissions
This part of the audit scans every file and folder in your Joomla installation to make sure the permissions are safe.
4. Deep Malware Scanner
Unlike our long-available surface malware and blacklist scanner, the Malware Scanner in the Audit is a deep, inside-out scan that looks for common malware signatures and suspicious code.
Try it out
All Watchers can start using audits today as long as they have updated to the most recent Watchful Client. The Start Audit button is located in the drawer for any site in the Tools area while the list of audits can be found in the Insights area.
Audits are easy to perform and usually take 2-3 minutes.