Password Protect Joomla Backups for Increased Security
Sunday, 29 August 2010
Inexperienced Joomla designers or business users who manage their own Joomla websites don't know why or how to encrypt Joomla site backups.
Why: Considering that you should have backups of your website on multiple locations so that there is no single point of failure that could easily destroy the data, managing the security of backup files becomes difficult. In this case, password protecting your backup files gives you another level of protection against thieves who might have gained access to one of the backup locations.
How: An easy and reliable way to password protect your backups would be at the time they are generated on your server. Your Joomla developer should just use an option to add a password while completing a zip compression of your Joomla site.
Is your Joomla backup file bigger than 2GB? Considering that zip files are limited to 2GB in size, your Joomla programmer can resolve this issue by first splitting your uncompressed backup to multiple zip files than zipping each one individually.
How can I retrieve a lost Joomla backup password? Well, if you don't have your password written anywhere in a safe location and you cannot remember the password, your backups are basically useless.
However, I predict that only a limited number of small business users will utilize the feature because:
The feature is not of high value. Most small business websites barely keep their Joomla content updated and I don't see most of them getting to utilize it in one of their projects.
More things to go wrong. As you add complexity to any site, thee are more things that can go wrong increasing the cost of your Joomla maintenance.
More expensive to implement. While changing access control options is much easier in Joomla 1.6 than using a 3rd party extension, it will still require additional Joomla support time to implement and test the Joomla ACL.
Many experts recommend Joomla security seals and here is my take on it:
Advantages:
most online shoppers feel better about a site when they see these Joomla security symbols.
external scanning completed does protect against some common website threats.
Disadvantages:
additional costs
may create a false sense of Joomla security for you because only external scanning is employed. We've seen plenty of Joomla sites passing these external Joomla security scans but were outdated and contained known security holes.
Overall, I could recommend starting with
authorize.net or paypal symbol available for free.
SSL certificate symbols are typically available for free
clear website security policy where your Joomla development team will recommended a draft for your review.
clear return policy, terms of service, phone and mailing address easily found on the site
If the trust becomes an issue, further improvements could be needed but the above 4 items should be more than enough for the initial site release. Related to your own liability, it's greatly reduced if you don't have credit card information stored on the website.
Clients and prospects often complain to me that their Virtuemart checkout process is not looking good and optimized. Here is a set of screenshots that illustrate that example:
More often than not, the primary reason for a non-optimized checkout process is a lack of time and money invested in decorating the Virtuemart checkout pages.
Here, using screenshots, I show you how greatly we improved the above look and feel of the Virtuemart checkout process:
Last Updated ( Wednesday, 25 August 2010 )
Where do you save your Joomla backup files?
Monday, 23 August 2010
Where should you store your Joomla backup files? Actually, there is no single best answer because you should keep copies of your backup files on multiple locations.
However, the following should work well in the most cases:
1) Store more frequent copies with an external hosting provider. For
example, if your current hosting provider has a major issue (fire,
earthquake, system compromise...) from which they could not recover, you
would be able to recreate your website with another hosting provider
based on your backups stored there.
2) Store less frequent copies locally on your external hard drive. For example, if everything fails, you would still have most of your data preserved. While making local backups may be inconvenient due to lower Internet connection speed or automation issues, it is an important aspect of your Joomla website backup mix.
Check
with your Joomla developer where you website is hosted and make sure
you're not the next horror story I will hear about.
