I've got a Joomla! 1.5 client asking to complete an audit of the install's health, Search engine optimization and security.

Joomla! Tool Suite / HISA does not exist any longer what are the comparable extensions I possibly could use?

Otherwise, do you know the primary issues you must generally address when looking for a Joomla! site's health insurance and security?


I don't learn about any software that can help evaluate this for Joomla.

I'm able to spend hrs groing through this..., this is actually the brief version -)


  1. Make certain client is up-to-date using the latest version of Joomla 1.5 which includes all of the latest fixes like: xss, sql injection, etc...
  2. Make certain PHP configurations have been in order
  3. Make certain MySQL configurations have been in order
  4. With time database becomes reduced due to "quick removes"... therefore it must be washed (enhanced) to really make it speed up. Evaluate and Optimize entire database or perhaps a table at any given time with Evaluate TABLE and OPTIMIZE TABLE

Search engine optimization:

  1. Use Google Website owner Tools that will help you understand particulars.
  2. Use Google Statistics to know what type of traffic you are receiving.
  3. Check pages for game titles/description and content written for that customers and never search engines like google
  4. Make certain Internet Search Engine Friendly Web addresses are utilized. If sh404 can be used, make certain it's up-to-date to latest version.


That one could possibly get super complex, depending of the amount of security, installed components and atmosphere.

  1. Make certain database is obtainable only through the localhost or webserver is exterior db can be used and particular Insolvency practitioners. Do not let "wildcard access" towards the database.
  2. Restrict administrative screen (world wide web.site.com/administrator) to specific listing of Insolvency practitioners (modify administrator/index.php file) or protected it with somekind of plug-in like "jSecure".
  3. If third party extensions are utilized which use file upload... inspect these to make certain file types are restricted through the server-side validation. Don't depend around the JavaScript to do the validation.
  4. Make certain username: "admin" sits dormant.
  5. Make certain permissions are correct. 644 for config file, etc...


  1. Make certain gzip compression can be used to lessen transfer size
  2. Make certain website is much less heavy. Use YSlow to evaluate. If it's think about using plug-in like jFinalizer to mix multiple exterior files into 1 and gzip these to reduce transfer size
  3. Check quantity of images for normal page... lots of websites use a large number of small images in CSS for pretty styles. This creates more request towards the server and slows it lower. Consider creating sprites.