If at all possible, do not leave the FTP settings for your hosting account in your #Joomla configuration. Even if you have "Enable FTP" set to "no," your ftp details may still be in the actual configuration.php file of your Joomla install. Should your site be hacked and this info compromised, you could end up in the greatest world of hurt because hackers would then have full access your Joomla folder and present any number of types of hacks instead of your site. How to wipe your FTP settings clear in your Joomla configuration is what today's #maintenancemonday is all about.
00:00:00 โ Stream Start & Episode Intro
00:01:02 โ Why Wipe FTP Settings
00:01:54 โ FTP on Older Servers
00:02:44 โ Giveaway & Tool Overview
00:03:18 โ Check Server Before Disabling
00:03:57 โ Manual Edit: configuration.php
00:04:55 โ Inside FTP Settings
00:05:32 โ Disabling โ Removing Credentials
00:06:47 โ How to Fully Clear FTP
00:08:09 โ Automated Method with myJoomla
00:09:38 โ Multi-Site FTP Security
00:10:00 โ Summary & Best Practices
00:10:13 โ Closing & Thanks
Summary
-
Introduction & Stream Context โ
Episode introduces how to wipe FTP settings from Joomla configuration and explains the rebroadcast due to livestream technical issues. -
Why FTP Settings Exist in Joomla โ
Explanation of the historical FTP layer used for servers that lacked proper file permissions. -
Security Risks of Stored FTP Credentials โ
How exposed FTP credentials inconfiguration.phpcan allow attackers to access hosting files and fully compromise a Joomla site. -
Checking Whether FTP Is Required โ
Guidance on verifying if a site still needs FTP before disabling it to avoid breaking functionality or admin access. -
Locating FTP Settings in configuration.php โ
Demonstration of finding FTP host, username, password, and enable settings inside Joomla configuration files. -
Manual Method: Removing FTP Credentials โ
Step-by-step process of clearing FTP fields, disabling FTP properly, and ensuring credentials are permanently removed. -
Testing After Removing FTP Settings โ
Confirming site functionality remains intact and verifying that FTP data is no longer stored in Joomla configuration. -
Automated Method Using myJoomla.com โ
Using the myJoomla security audit and one-click fix tool to remove FTP configuration safely. -
Managing Security Across Multiple Sites โ
Advantages of using centralized tools like myJoomla to audit and secure multiple Joomla installations efficiently. -
Final Security Advice & Wrap-Up –
Encouragement to remove unnecessary risks, maintain strong Joomla security practices, and support the channel and community.
Please send any feedback or bug reports or queries to;
Contact Tim Davis โบ
This email address is being protected from spambots. You need JavaScript enabled to view it. Joomla Training Cohort โบ https://cybersalt.com/jtc
JTC has been launched and is now accepting members https://cybersalt.com/services/subscriptionsMigrateMe 4 โบhttps://www.php-web-design.com/Joomla-Components/fool-proof-migrations-from-joomla-3-to-joomla-4-x.htmlFOLLOW US ON X(TWITTER!) โบ https://x.com/basicjoomlaLIKE US ON FACEBOOK! โบ https://www.facebook.com/basicjoomlaSUBSCRIBE US ON YOUTUBE โบ//www.youtube.com/@Basicjoomla
Add comment