Joomla Maintenance and Security




In this last video, I want to just go over a few of the site maintenance things you need to be aware of for your Joomla website. Go ahead and click on system and global configuration. We haven't talked about this very much. We've been in and out a couple of times; this is where all of your main settings are. It's only available to super users and for a good reason. We don't want just anybody in here. This is where you change your site name, put your site offline if you want to have a message that your site is offline you just click yes and you can enter a custom message in here if I click Save.
If I log out, there's my site: offline and you can add your logo and image and any text you want in here. I'm not going to go over every option here, but I'm going to go over the main ones. The default editor, of course, you want to change that if you add a new editor, like we did earlier. Default capture, default access level, most of these I don't ever change.
This is something I, you, should pay attention to: the meta description and site meta keywords. Google likes those. Content rights and whether you want to show the author meta tag or not when you're viewing an article. I usually do not show a Joomla version, simply because that's one more thing spambots like to know.
This is a great setting here: search engine friendly URLs and URL rewriting. You'll want to hover over this and read this carefully. If you don't understand this then you'll need to talk to your hosting company. If you're on an Apache server, you'll want to rename htaccess dot txt to dot HT access. This makes the URLs for your site human friendly and a little bit nicer - you want to experiment with that.
One of the things I always do is add the site name after page titles, something again Google likes. Clicking on the system tab you can set up debugging, caching and session settings. I can't go into all of that here. Once again, remember, when your site goes live, put that back to 15 - it's your server information.
You'll notice that all of my information is here. This is a local system, I'm not too worried about you seeing it. You'll never want to show this to the world, to the general world. You'll never want to show this to people who shouldn't be in there. Again, this is where you set up your global permissions for everything, so if you want to edit any of those permissions globally, this is where you would do it and you'll see how these things go ahead and inherit from the other areas.
You'll notice that the board members when we set up just a little bit ago can't do anything except log in and of course see the board member content.
So, global configuration. You won't go in here very often once your site is up and running except possibly to update the offline message if you need to. Go ahead and click Save and close up here.
On the system, drop down once again, global check-in, sometimes when people leave an article or a module without actually clicking save and close it can become locked and so you'll want to just every once in a while go ahead and check this out, making sure to check in all unchecked items. You'll see a little lock next to an article or a module that's not been exited out of properly. Clearing your cache and expired cache once in a while is helpful.
Finally, system information. This is all of the information about your system and if you ever have any issues about uploading new extensions, come here and check to make sure everything here is writable. My configuration dot PHP is unwritable. That's ok. Again, this is on a closed system. You should make sure that that's writable. Once again, if you have any questions about that, you can fix that in your cPanel or you can talk to your web host.
One of the great things about Joomla is that it works on PHP seven. PHP 7 gives us some fantastic speed increases and security increases and so that's something that's really helpful, as well a couple more things.
Always make sure your Joomla site is up-to-date when you log in. You'll get a message on the front screen that says your Joomla site is not up to date. You can click there and get it up to date. I always recommend taking a backup before you do that and there are some excellent extensions in the extensions directory that will help you do that.
You'll also see here, under maintenance, Joomla now tells you whether your extensions are up to date and, if they're not, you just click there and it will take you to extensions, manage, update, where you can update any of your extensions. Once again, keeping these up to date is really important.
Finally, the security of your website is only as good as the usernames, passwords and update that you maintain on your website. I can't stress this enough: don't allow managers, administrators or super users to use anything less than very secure passwords. Joomla does allow for two-factor authentication, using a Google Authenticator or AUB key, and you can try those out. There are other extensions that add security features to your Joomla website and that encourage you to look at the Joomla extensions directory to try some of those out.
Well, I think that's just about it maintaining and securing your Joomla website. Doesn't take a lot of work but it does take some careful thought making sure Joomla is always up to date along with all of your extensions. Maintaining properly tested backups and other security features that other extensions can provide really makes your Joomla site rock-solid.

Tags: Joomla 3



OSTraining teaches people how to build great websites, focusing on PHP platforms such as WordPress, Joomla, Magento and Drupal. You can learn more about there service by visiting or by subscribing to their Youtube channel.