This link has been bookmarked by 42 people . It was first bookmarked on 06 Jun 2007, by Sharyn Horowitz.
-
24 Jul 08
-
15 Jul 08
-
29 May 08
-
26 Mar 08
-
11 Feb 08
-
06 Feb 08
-
03 Feb 08
-
14 Nov 07
-
12 Nov 07
-
15 Oct 07
-
13 Oct 07
-
12 Oct 07
-
03 Oct 07
-
- There's no free lunch! Don't be fooled by Joomla's award-winning easy of use. Maintaining a secure, dynamic Web site on the open Internet is not easy. Security requires continual watchfullness and effort.
- There's no single solution: Due to the variety and complexity of today's web servers, security issues can't be resolved with simple, one-size-fits-all solutions.
- There's no substitute for experience: To secure your site, you must gain experience (some of which will be bitter) or get experienced help from others.
- Rise above the herd: The Security Forums are filled with "Help! I've been hacked" posts by people who did NOT follow standard security practices (this author included
). If you decided to study documents such as this before your site is compromised, congratulation, you're already ahead of the herd. - It's not as hard as it looks: The following checklist may seem intimidating, but you don't have to deal with all of it at once. As you become more familiar with GNU/Linux, Apache, MySQL, PHP, and Joomla!, you'll quickly see which combination of tactics best applies to your current installation.
-
-
25 Sep 07
-
29 Aug 07
-
27 Aug 07
-
INTRO 1: Joomla! Administrator's Security Checklist -
- Avoid the use of PHP safe_mode. [FAQ]
- Turn Joomla! Register Globals Emulation OFF. [FAQ]
Related Forum Discussion
-
Once your site is configured and stable, write-protect directories and files by changing directory permissions to 755, and file permissions to 644. There is a feature in Site --> Global Configuration --> Server to set all folder and file permissions at once. Test third party extensions afterwards. Note: You'll need to reset write permissions to install more extensions.
Post: Shell script for setting file and directory permissions -
- Remove all design templates not needed by your site. Do not put security logic in template files.
-
- BEFORE installing third party extensions, check: Official List of Vulnerable 3rd Party/Non Joomla! Extensions
-
How to fix an extension that requires register_globals ON
-
-
17 Aug 07
-
19 Jun 07
Samuel MenezesJoomla! - Content Management System and Web Application Framework
-
17 Jun 07
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.