Joomla! Web Security
上QQ阅读APP看书,第一时间看更新

Architecting for a Successful Site

Believe it or not, planning for your site rather than diving in will help you have a much more secure site. How, you may ask. Through careful planning, you can establish a path and a direction to get there. You can research the pitfalls and find ways to avoid them. Thus, you will be operating in the parameters of wisdom, which will enable you to depend on others' experiences, and learn from the mistakes that they made.

What Is the Purpose of Your Site?

If I had $1.00 every time a client said, "I need a website" and I asked, "What is it going to do?" I would probably be sitting on a beach drinking something with an umbrella in it rather than writing! Though seriously, it's more common than not. The answer is often not well thought out, thus causing many uncomfortable questions to be asked.

Here's a real life scenario: Customer "X" says that he works in the financial world and needs a 'secure' website. He needs to "securely" make available his highly confidential financial documents to his clients via the Web. "Security is very important to us" they stated multiple times.

OK—what would you ask if this were you? What steps would you take? Let's walk through this together and follow the trail of knowledge.

Eleven Steps to Successful Site Architecture

Step one: Define the current business practices that do not interrupt the business process flow. In other words, you want your website to reflect the most reasonable and currently established business practices, as closely as possible.

Step two: What will be the purpose of this site for your customers? Is it e-commerce? Is it a membership site? Is it a secure document repository?

Step three: If this is highly secure (read: e-commerce), have you researched the cost of the security (SSL) certificate for your site? If you are doing any type of financial transactions such as taking money, you will more than likely need an SSL setup. This can influence the choice of the hosts.

Step four: Where will you host? Is this your favorite nephew's "really-smokin' hot box" in his basement? Not a good plan. Is this a "free" host?—might be good, but hey, if this is important, spend a few dollars and get a solid host. Check the reputation for the host. Surf around and read reviews. You'll figure out quickly who's good and who's not.

Step five: If you need SSL, does the host you selected in step 4 support the inclusion of certificates? Can you buy a certificate from them? Believe me you want to check this one.

Step six: Draw out the functionality of the site you want. What it will do, what content it will serve, how the users and visitors should interact. After balancing out the three factors of ease of use, speed, and security, you can decide.

Step seven: Taking step six a bit further, what extensions will you need? Will you have one written? Two problems exist right away for either of these.

  • Existing third-party extensions. Check the vulnerability list. Are they on it? If so, you will need to make the call if you can live with it (probably not), or if you can fix it. If they are on the list, contact the developer and see if he/she has fixed it. If not, then find another way to accomplish what you need done.
  • Custom work. There abound thousands of developers for Joomla! and a good places to check are http://www.jcd-a.org and http://www.joomlancers.com. Both these sites offer lots of either well-written extensions or in the case of Joomlancers, a rent-for-hire coder. You may say Great! I can hire someone and put them on the task of building my UBER customer extension! Here's where it gets weird. You need to ensure the testing methods they will use (demonstrable) to prevent SQL injections, buffer overflows, and so on. And the second thing is, get them to agree to fix any vulnerability with their original code that is discovered in the future, as part of the deal.
  • What if you upgrade? Will your extension be compatible? Maybe, and maybe not. If you upgrade from say 1.0.12 to 1.0.15 or even 1.5.x, which you may consider is an easy jump, then will it work? A lot of extensions may fail or not even be compatible after that. This can cause potential security holes? Yes.

Step eight: A very large percentage of security problems are caused by the employees and customers; sometimes on purpose, and sometimes by accident. Therefore you need to consider this as a part of how you will prevent bad security issues with customers and employees. The ideas include mandatory password lengths, changing passwords frequently (30 days to 60 days is a common time frame), and educating customers and employees on "social engineering" tactics.

Step nine: Read this book thoroughly, as well as others. Learn (if you don't know already) a bit about PHP programming. I recommend W. Jason Gilmore's book.

Note

W. Jason Gilmore, Beginning PHP and MySql 5 — From Novice to Professional (California: Apress, 2006).

Research the security forum on Joomla.org, as there is a ton of information available to you. Know what settings are available; know what happens when a setting goes wrong. Remember, security is not a "defensive" action; it is a proactive action. The best time to get the bad guy out of your site is before he or she gets in.

Step ten: Draw up a plan to test your site, check your permissions, check your php.ini, and your .htaccess file. Then test some more. Consider doing or hiring out a "pen-test" or "penetration test" on your site to see where it can be broken into. Do this on your test site BEFORE you go live. Decide WHEN you will need to upgrade and why. Don't update unless there's a valid reason to upgrade, such as a major vulnerability in the CORE code is discovered, and then be careful. Deciding this upfront and before you start it will enable you to be aware of why you are upgrading rather than just following the Joomla! herd and upgrading because of a new release.

Step eleven: The last decision you have to make is which version of Joomla! do you want to use? Do you want the 1.0x series? Or do you want the Joomla! 1.5 series? Each offers a powerful CMS, and each offers a plethora of reasons to use them. How you decide this is beyond the scope of the book, but this needs to be mentioned.