Each website is interesting for hackers, not only the online stores and large popular websites. Hackers use automated scripts to scan random websites for known security problems.
Hackers do not make a distinction in the size or importance of a web site.
Previously, websites were hacked often visible, eg a political statement on the front of the website (defacing). Nowadays a lot of money is being earned with hacked websites. Your website might be abused for:
- collecting bank or personal information (phishing);
- send large numbers spam (spamming);
- make other websites temporarily inaccessible (DDOS);
- infect visitors with viruses and "Trojan horses".
The purpose of infecting visitors' computers with viruses and "Trojan horses" is to send private and bank data collection, spam, computers add to botnet and / or computers hostage by encrypting personal data and decrypting after payment of ransom.
Make backups regular. Backups are useful when doing major changes to the website, such as a software upgrade, the installation of an extension or many textual changes. An untested backup is not a backup. Test the backups by carrying out a restore on a different location, e.g., on a PC.
Up to date
Software may contain errors. Make sure all software is up-to-date: both Joomla as the installed extensions (extensions). Make sure that the server software is up-to-date. PHP versions prior to PHP5.5 are no longer supported with bug and security patches.