Follow these steps to secure your Joomla installation’s PHP settings:
Steps
- Log into cPanel:
- Open your web browser and navigate to your cPanel login page.
- Enter your username and password to access the cPanel dashboard.
- Navigate to File Manager:
- In the cPanel dashboard, locate and click on the File Manager icon.
- Open the public_html directory or the directory where Joomla is installed.
- Edit the php.ini File:
- In the Joomla root directory, look for the
php.inifile. - If the file does not exist, create a new file named
php.ini. - Select the
php.inifile and click Edit. - Add or modify the following settings to enhance security:
display_errors = Off log_errors = On error_log = /home/your_username/public_html/logs/php_error.log expose_php = Off allow_url_fopen = Off allow_url_include = Off file_uploads = Off - Save the changes and close the editor.
- In the Joomla root directory, look for the
- Edit the .htaccess File:
- In the Joomla root directory, locate the
.htaccessfile. - Select the
.htaccessfile and click Edit. - Add the following directives to secure your PHP settings:
# Protect against PHP exploitsOrder Deny,Allow Deny from all Allow from 127.0.0.1 # Disable directory browsing Options -Indexes - Save the changes and close the editor.
- In the Joomla root directory, locate the
- Verify Changes:
- Ensure that the changes have been applied correctly by visiting your Joomla site and checking the PHP settings.
Important Notes
- Always backup your website and database before making changes.
- Test your site thoroughly after applying these settings to ensure there are no disruptions.
- Regularly update your Joomla installation and extensions to keep your site secure.
You will need to log into cPanel with your supplied username and password. Normally this URL is:
1) Select the Username field and enter your username
2) Select the Password field and enter your password
3) Next click the Log in button
4) Select the File Manager option under the Files section
5) With the Web Root radio button selected, click on the Go button
6) Select the ‘joomla’ folder and double click to open it
7) Right click the ‘htaccess.txt’ file then select the Edit option(The ‘.htaccess’ file can be used by Joomla for a number of directives)
8) Click the Edit button
9) Select a place near the top of the file to enter the following code. Enter the code exactly as illustrated here
This will code will prevent any errors from being displayed to site visitors
This can help prevent hackers from running potentially harmful code
10) Now click the Save Changes button
11) Click the Close button to close the editor
12) Click the Yes button
13) Now lets rename the file so Joomla can use it. Right click the ‘htaccess.txt’ file and select the Rename option
14) Now let’s rename the ‘htaccess.txt’ file to ‘.htaccess’
15) Click the Rename File button
You now know how to secure your Joomla PHP settings using cPanel
