Overview
Security traffic light – 1 urgent item(s)
- HTTPS is enforced
- Protection shield active and up to date
- Exploit shield active
- Real-time protection (WAF) active
- Backend access unprotectedSet up an extra password prompt for /administrator.
- Upload folders hardened
- No known vulnerable extensions
- Automatic monitoring + mail active
- Joomla 6.1.2 up to date
- PHP 8.3.32 up to date
Set up the backend access protection
Protect /administrator with an additional web server password prompt – set up in 30 seconds. Use different credentials than for the Joomla login.
System & self-test
- Joomla 6.1.2 · PHP 8.3.31
- Server: Apache compatible · HTTP self-test: available
- Last self-test: 4 of 4 passed 2026-07-11 09:42
Which checks? (show details)
| Check | Status | Result |
|---|---|---|
| Startseite erreichbar | no connection | OK |
| Backend erreichbar | no connection | OK |
| PHP-Schild blockt Upload-Skripte | no connection | OK |
| configuration.php nicht auslesbar | no connection | OK |
Real-time protection, monitoring & notification
One switch, three effects: real-time protection (blocks exploit calls in the POST body too, which a .htaccess cannot see), automatic watcher (files, super-user accounts, defacement & warning list) and live signature updates – instantly for zero-days, with nothing to do on your part.
active Real-time protection is running, the background watcher checks regularly and loads new signatures.
No mail spam: Attack attempts never trigger an e-mail (they are only logged). Reported are exclusively genuine security findings (e.g. tampered protection files, suspicious accounts, defacement, newly found vulnerable extensions) – at most one summary mail every few hours, a reminder about open items no sooner than after 14 days.
Signatures · Firewall (real-time, GET+POST): 2026-07-11 (feed, 2026-07-11 06:00) · .htaccess foundation: 2026-07-11