sh404SEF security features guide
Preamble
As outlined in the overview, sh404SEF includes a basic set of security features to help prevent your site from being taken over by malware and other attacks. Unlike many similar options, sh404SEF operates as a Joomla! extension, i.e. not at the server level. Some checks might be better performed at the web server level from a performance standpoint (inside a .htaccess file), but adding some protection in PHP, inside Joomla!, is also more portable (.htaccess files only exist on the Apache web server). In addition, sh404SEF can implement spam protection that would be much harder to do at the web server level.
Security involves many levels and is constant work. Some of the things you want to do:
- running well-configured and constantly updated web server software, or making sure your hosting company has an excellent track record
- using well-known and regularly updated extensions
- constantly updating both Joomla! and the extensions you use
Input filtering
sh404SEF lets you make sure selected request variables are of a certain type (e.g. only integers, only letters, no links, ...). You can also use white-lists and black-lists to block access from specific IP addresses or user-agent strings.
Anti-flooding
Flooding is the act of sending a lot of requests to a web server in order to make it slower and slower, and eventually take it down. sh404SEF can control the request rate from specific IP addresses and block access as early as possible. Though such protection is definitely best performed at the web server level, the sh404SEF implementation is easy to enable and works in multiple environments.
Anti-spam
Protection of your site against the addition of malicious content in comments or forums can be improved by submitting incoming requests to Project Honey Pot for screening. This project constantly maintains a database of IP addresses known to belong to spammers.
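The screening step described above, sketched as an added example: this is not sh404SEF's own code. It uses Project Honey Pot's public http:BL DNS interface; the access key, IP address, block thresholds and stub resolver are constructed placeholders.

```php
<?php
// Added example, not sh404SEF code. Key, IP, thresholds and the stub resolver are constructed.

// http:BL query name: <access key>.<reversed IPv4 octets>.dnsbl.httpbl.org
function httpblQueryName(string $accessKey, string $ip): ?string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null; // http:BL lists IPv4 addresses only
    }
    return $accessKey . '.' . implode('.', array_reverse(explode('.', $ip))) . '.dnsbl.httpbl.org';
}

// Decode an answer of the form 127.<days since last seen>.<threat score>.<visitor type bitmask>
function httpblDecode(string $answer): ?array
{
    $o = array_map('intval', explode('.', $answer));
    if (count($o) !== 4 || $o[0] !== 127) {
        return null; // not an http:BL answer
    }
    return [
        'days'            => $o[1],
        'threat'          => $o[2],
        'search_engine'   => $o[3] === 0,
        'suspicious'      => (bool) ($o[3] & 1),
        'harvester'       => (bool) ($o[3] & 2),
        'comment_spammer' => (bool) ($o[3] & 4),
    ];
}

// Hypothetical policy: block recent, sufficiently threatening listings; fail open otherwise.
function shouldBlock(?array $r, int $maxAgeDays = 30, int $minThreat = 25): bool
{
    if ($r === null || $r['search_engine']) {
        return false;
    }
    $listed = $r['suspicious'] || $r['harvester'] || $r['comment_spammer'];
    return $listed && $r['days'] <= $maxAgeDays && $r['threat'] >= $minThreat;
}

function checkVisitor(string $accessKey, string $ip, ?callable $resolver = null): bool
{
    $name = httpblQueryName($accessKey, $ip);
    if ($name === null) { return false; }
    $answer = ($resolver ?? 'gethostbyname')($name);
    // gethostbyname() returns the name unchanged when there is no record (IP not listed)
    return $answer !== $name && shouldBlock(httpblDecode($answer));
}

// Constructed answer: last seen 3 days ago, threat score 40, comment spammer
var_dump(checkVisitor('youraccesskey', '203.0.113.7', fn(string $n) => '127.3.40.4'));
```

Failing open on lookup errors keeps a DNS outage from locking out legitimate visitors, at the cost of letting listed addresses through while the service is unreachable.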