• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Blog Category: Joomla! Security

joomla-security-blog-category

See posts about Joomla! website security including new vulnerability disclosures, research and technical details. Learn how to protect your Joomla! installation and secure your site against emerging threats. If your Joomla! site is infected, read our guide to fixing a Joomla! hack.

How to Secure & Harden Your Joomla Site in 12 Steps

October 4, 2022Victor Santoyo

How to Secure & Harden Your Joomla! Website in 12 Steps

At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, advice can often be too broad; different content management systems (CMS) exist in this ecosystem and each require a unique security configuration. That’s exactly why the Sucuri Firewall contains an…

Read More about How to Secure & Harden Your Joomla! Website in 12 Steps

Security Lessons Learned from 2021

July 14, 2022Victor Santoyo

Security Lessons Learned from 2021

There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to see trends and techniques emerge…

Read More about Security Lessons Learned from 2021

Labs Note

October 6, 2020Krasimir Konov

Backdoor Shell Dropper Deploys CMS-Specific Malware

A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want….

Read More about Backdoor Shell Dropper Deploys CMS-Specific Malware

Labs Note

August 3, 2020John Castro

Vulnerabilities Digest: July 2020

Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Asset CleanUp: Page Speed Authenticated XSS 1.4.6.7 80000 Quiz And Survey Master Authenticated Stored XSS 7.0.0 30000 Comments – wpDiscuz 7.0.0…

Read More about Vulnerabilities Digest: July 2020

Labs Note

January 29, 2020Marc-Alexandre Montpas

Stored XSS in Elementor

During a routine audit of WordPress plugins last december, we discovered a Stored XSS vulnerability in the very popular Elementor Page Builder plugin, which powers no less than 3 million+…

Read More about Stored XSS in Elementor

Hacked Website Threat Report 2019

January 28, 2020Rianna MacLeod

Hacked Website Threat Report – 2019

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…

Read More about Hacked Website Threat Report – 2019

October 24, 2019Luke Leal

Throwback Threat Thursday: JCE Vulnerability

Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to…

Read More about Throwback Threat Thursday: JCE Vulnerability

Joomla! Security Best Practices: 12 Ways to Keep Joomla! Secure

September 25, 2019Victor Santoyo

Joomla! Security Best Practices: 12 Ways to Keep Joomla! Secure

At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, most advice can often be too broad; different content management systems (CMS) exist in this…

Read More about Joomla! Security Best Practices: 12 Ways to Keep Joomla! Secure

Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection

September 5, 2019Fioravante Souza

Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection

Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to…

Read More about Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection

Return to the City of Cron - Malware Infections on Joomla and WordPress

May 27, 2019Luke Leal

Return to the City of Cron – Malware Infections on Joomla and WordPress

We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was…

Read More about Return to the City of Cron – Malware Infections on Joomla and WordPress

.Htaccess Injector on Joomla and WordPress Websites

May 23, 2019Eugene Wozniak

.htaccess Injector on Joomla and WordPress Websites

During the process of investigating one of our incident response cases, we found an .htaccess code injection. It had been widely spread on the website, injected into all .htaccess files…

Read More about .htaccess Injector on Joomla and WordPress Websites

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Sucuri Sidebar Malware Removal to Signup Page

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2023 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.