This book will give you a strong, hands-on approach to security. It starts out with the most basic of considerations such as choosing the right hosting sites then moves quickly into securing the Joomla! site and servers. This is a security handbook for Joomla! sites. It is an easy-to-use guide that will take you step by step into the world of secured websites. This book is a must-read for anyone seriously using Joomla! for any kind of business, ranging from small retailers to larger businesses. With this book they will be able to secure their sites, understand the attackers, and more, without the drudging task of looking up in forums, only to be flamed, or not even find the answers. Prior knowledge of Joomla! is expected but no prior knowledge of securing websites is needed for this book. The reader will gain a moderate to strong level of knowledge on strengthening their sites against hackers.

Table of Contents:
Introduction This is an introduction to the concepts of security for your Joomla! site. In this section, we introduce the reader to concepts, tools, and ideas. Chapter 1: Let's Get Started This foundational chapter gets the reader ready by reviewing terminology, understanding hosting companies and how to select. Learning to architect Joomla correctly at the first, where to download Joomla, its important settings, permissions and trip ups and lastly setting up metrics for security. Chapter 2: Setting up a Test and Development Environment Once you have your site planned, setting up a test and development environment allows you to make sure each extension will work together as planned. This chapter gives the reader a methodology to effectively set up and use a test/dev environment, with a review of a great tool, Lighthouse , for software development project management. Chapter 3: Tools sets to protect There are a few key tools every Joomla administrator should have in their security arsenal. This chapter covers the tools used to protect your site. Chapter 4: Introduction to Vulnerabilities What is a vulnerability? It is anything that can be used against you to hurt your site. This chapter introduces some common vulnerabilities and how they work. Chapter 5: Anatomy of Attacks Specific attacks such as SQL Injections are discussed here, with live examples of code used to attack sites, kiddie-scripts, and other more advanced attacks. Chapter 6: How the Bad Guys do it Do you ever wonder what tools the bad guys use? This chapter covers some of the commonly available tools, and how they are used against you. Chapter 7: PHP.INI and .HTACCESS This chapter details out the two important safeguards to your infrastructure. It offers a detailed view with code samples of each of these critical files. Chapter 8: Log Files Without a doubt, log files are the first, best indication of a coming attack, yet many administrators do no know how to interpret these critical files, or worse yet, ignore them. This chapter will teach the reader how to read log files and take care of them for forensic purposes. Chapter 9: SSL SSL is the guardian of e-commerce on the Internet. In this chapter you will learn how SSL works, where to obtain a certificate, and how to implement it in your Joomla! site. Chapter 10: Best Practices for Incident Management Even the best-laid plans go astray. If a site is actually hit, you have an incident to handle; this chapter will educate you on some best practices for handling the incident in an effective manner. Chapter 11: Security Administrators' Reference Looking for that one bit of information? This chapter is a concise reference to highly important items of security information that will be important to your daily efforts in protecting your site.