Advanced Security After Installation
As you have seen, many of the open source CMSs have a number of security add-ons available. Take the time to review all the tools available for your particular CMS to ensure you are safe.
On the commercial front, one tool that does a good job of protecting the PHP-based CMSs against most attacks is SecureLive from Securelive.net. It works with Joomla!, Drupal, and WordPress. It offers a number of very strong security features to help defend against hackers, and has a site report card to help you isolate other issues that could result in successful attacks.
Other good security measures to consider deploying are mod_security and another open source product, ConfigServer Firewall (available from www.configserver.com).
The key is to look at all your options (both Open Source and commercial) to ensure that you are not dependent on a single product, but rather can layer your defenses.
Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
