When you are running a content management system (cms) such as Concrete5, security should be a priority. In this article we will provide tips for protecting your Concrete5 powered website.
Also, be sure to read Concrete5's Official Security page, where they provide specific information and recommendations.
Tips for Protecting Your Site:
- Our first recommendation is to use strong passwords for the Concrete5 admin areas, and update them periodically. A weak password would include any dictionary word, or common patterns (asdf), and no special characters.
Here is an example of some weak passwords:
password, 12345, qwerty, hello123
A strong password will include a number, some special characters and will be at least 8 characters. Here are some good passwords, (these are just for an example, please don't use these):
[B-M]y7(iIyt, o*o(Al_-uEF2, R)W[i4Ker^QU
- Next, I recommend performing regular backups from your cPanel, or in the Concrete5 Dashboard, and storing the backups on your personal computer or external hard drive. This is to ensure you can recover your website files, if they are damaged or modified due to a hack, or malware.
- Another important measure is performing regular updates. Concrete5 is open-sourced, which means security risks are typically discovered and fixed quickly, but you are not protected unless you perform updates.
- Finally, do not use 'admin' as a username for your Dashboard. In case you are, here is a link to our guide on changing your username in the Dashboard.
By following these tips, you can protect your Concrete5 Site from common online attacks or recover the site after a hack!