Home
/
Other Applications
/
Is unpublishing insecure extensions sufficient for protecting my Joomla?

Is unpublishing insecure extensions sufficient for protecting my Joomla?

If you unpublish an insecure extension from the backend of your Joomla!, a security issue still remains because a potential attacker can bypass Joomla’s index.php file and target the files of the vulnerable extension directly.

Therefore it is recommended to completely remove the files and the database tables of such components from your hosting account. Usually the Uninstall process will do that for you, but still, we recommend that you check the components folder of your Joomla! and see whether there are any left-over files from the vulnerable component.

If so, then you should manually delete them using the File Manager in your Site Tools or a regular FTP client.

Share This Article