Don't flame me... sentinel for Joomla?

Posted: Thu Oct 29, 2009 10:09 am

Hi guys;

don't flame me for this Very Happy

I'm still using nuke on my "big" website, but we made a group decision to go with joomla for another website. My question is this: is there a product that offers the security Sentinel does for Nuke, for Joomla?

Any suggestions or thoughts appreciated- I'm on a steep learning curve! Laughing

Cheers

Andy

registered · Posted: Thu Oct 29, 2009 3:25 pm

I read somewhere joomla uses his own kind of protection hardcoded. But i'm not really sure about the source
I saw that they use some kind of extension you can install to audit the cms.However I didn't see any advanced features NS has.

Posted: Thu Oct 29, 2009 6:27 pm

I recommended to join project honeypot.

There is also an extension for Joomla available but I believe it will be hard to find something similar to NukeSentinel for Joomla and I quess you are not looking for a paid solution. Such are available. Don´t know if they are worth the money e.g.:

http://www.ijoobi.com/component/option,com_jstore/Itemid,49/catid,15/controller,product-display/eid,55/task,show/

http://extensions.joomla.org/extensions/access-a-security/site-access/2786

Posted: Fri Oct 30, 2009 3:56 pm

This is just one person's opinion so take it for that. NukeSentinel is really a "bolt on" that was developed to compensate for PHPnuke's inherent security deficiencies. If the owner of Nuke at the time had been willing to build security into the product Sentinel probably would not have been necessary. Nukesentinel provides a number of fantastic features that go beyond "base" security ... such as ip2country, IP tracking, string blocking etc. but at its core basically everytime you load a page in *nuke all the items on and surrounding the page are checked by NukeSentinel. If the core software did sufficient checking on its own NukeSentinel would not be necessary.

Which is a long winded way of saying what Eldorado and Susann said. You need to look at what security Joomla has built in and see if that's sufficient.

Posted: Fri Oct 30, 2009 4:49 pm

AndyB, Hi I use Joomla for at least 9 sites. The security is hardecoded as mentioned and they regularly come out with new versions. Just make sure you stay up to date. Sign up to their security release e-mails, and this helps a lot to stay in the loop of updates. There are some components and extensions available for cost, but I have never bothered. If you update right away and stay current you should be good! A couple of great resources are joomlart.com and yootheme.com and rockettheme.com.

Good luck, but I still love RN Very Happy

jc

Posted: Wed Nov 04, 2009 1:09 am

thanks for the responses, guys & gals!

After having used Sentinel for so long, it gives a measure of "reassurance"- not sure if the guys have thought about creating/ releasing something similar that is "stand alone"- the amount of sites running php scripts with little/ no regard for ANY sort of protection must be huge. I did think about installing a very VERY basic version of nume on the server with sentinel, then deactivating most of the modules... (not sure if that would work?)
We actually tested the new site as a directory of fans, with the domain name pointing directly to it, BUT there were some slight config "issues" that would have taken me some time to sort...

I've looked into various options so far, and will check the links out (thanks). One of the guys helping with the new site used joomla for his own personal site, and it was hacked twice in the past.

As for "paid for" V "free"/ open source/ GPL etc., I've paid for one script already, not much, but it was a bit painful, shall we say- not as "smooth" as expected. Often, what I've seen so far, a LOT of the "paid for" scripts leave something to be desired for support, etc.

Cheers

Andy

Hangin' Around Joined: Aug 04, 2009 Posts: 36

This may be what you're looking for?

http://www.meotoo.com/catalog-product3.html

Smile