The Securitycheck Joomla security plugin offers various ways to secure your website including:
- File scans
- IP whitelists/blacklists
- Joomla vulnerability monitoring
- Custom administrator login URL
- Akeeba backup support
The Joomla plugin has a free and pro version. The Securitycheck pro Joomla plugin has more features but the free version can do plenty to secure Joomla. Below we’ll cover how to secure your Joomla website with the Securitycheck Joomla plugin (free version).
Configuring the Securitycheck Joomla Security Plugin
- Follow the “Download” link at https://extensions.joomla.org/extension/securitycheck/. As of August 2021 you’ll be redirected to the plugin developer’s site – securitycheck.protegetuordenador.com. At the bottom of that page you can view features available with the pro version.
- Select the latest version number and “Download now” to download the Joomla security plugin. Below are checksums for com_securitycheck-3.4.1.zip.
SHA512SUM – 04a9831d86aad44afde22c1893414ed16ffab433b32ac831410071a03c7b92f2c3fa587903150fcb361ce51d96fbdac72102a0a1e9eca9f406c1cbd5ebd421ad
MD5SUM – 83dbd0878f83fc072849970f46a50309
RIPEMD160 – f535924b37709e923c8741d0a33da71a344fe052
- Log into your Joomla 4 administrator dashboard (e.g. https://example.com/administrator).
- On the left, select “System.”
- Under “Install,” select “Extensions.”
- Select “Or browse for file” and the plugin zip file. You’ll see the following notification:
- On the left, select “Components” and “Securitycheck” to access the plugin.
At the top you’ll see your web firewall status (enabled by default) and number of logs. Select “Check” to see your current cybersecurity posture.
There will be links for how to improve your overall status. Once done, select “Back to Control Panel.”
Select “Check Vulnerabilities” for info on your installed components.
“File Manager” is where you run manual security scans. You need to stay on the page for the scan to complete.
Select “View Web Firewall Logs” for recorded logs.
“.htaccess Protection” changes your administrator login URL.
Select “Global Configuration” to modify plugin settings including memory usage limits for security functions and file paths to exclude from manual scans. We recommend increasing the memory limit (256 to 512 MB to start) for faster scans if you have a well optimized website.
“Web Firewall Configuration” houses site firewall settings. The plugin is already hardened by default. You may want to edit this to whitelist any static IPs from your local network. Don’t forget to save changes.
At the bottom, you can import and export configurations as txt files.Learn more about how to secure Joomla websites with our Joomla 4 Education Channel.