This is an old revision of the document!
First Steps
Security
- Enable Two Factor Authentication
- Make sure ACL is properly setup
- Disable Mass Mail (Global Configuration → Server)
- Remove All unused Users, Groups
- Disable User Registration (Global Configuration → Users → User Options)
- Setup password Complexity if you allow User Registration (Global Configuration → Users → Password Options)
- Activate https for the whole site (Global Configuration → Server)
Configuration
- Set the PHP required by your Joomla installation MultiPHP Manager
- Setup ReCaptcha. Get credentials from ReCaptcha, setup the plugin here, set the option in (Global Configuration → Site) as below.
- Disable Error Reporting (Global Configuration → Server)
- Setup eMail (SMTP) (Global Configuration → Server)
- Select Correct Time Zone (Global Configuration → Server)
- Set Feed eMail Address to “No Email”
SEF
- Enable SEF → Joomla Enable SEF
- Make sure all of your alias for menus, categories, articles are small caps and use - for space, ex. product-list
- Install ReDJ for making custom urls or redirects from your old site
- Setup a custom 404 page
Caching & Sessions
- Enable Caching & Session → Joomla Caching
Media
Extensions
- Delete Unused Extensions
- Update All Extensions
Templates
- Uninstall unused Templates
Legal Terms
- Enable Cookie Banner
- Create a Terms of Service page
- Create a Privacy page
- Setup Google Analytics
- Check PageSpeed Insights
Content
- Remove All unused Articles, Categories, Menus and Modules.
- Remove All unused Assets (Images etc)
- Empty Trashes
- Check Robots.txt for required changes
You should be ready to go public.