- Proper Hosting Environment
A properly configured server is highly recommended for your joomla website. Host your site on a server that runs PHP in CGI mode with su_php. This means that PHP runs under your own account user instead of the global Apache user and you don’t need to set insecure global permissions like CHMOD of 777.
a. Set register_globals OFF
b. Disable allow_url_fopen
c. Adjust the magic_quotes_gpc directive as needed for your site. The recommended setting for Joomla! 1.0.x is ON to protect against poorly-written extensions. Joomla! 1.5 ignores this setting and works fine either way.
d. Don’t use PHP safe_mode
- Change the Default Database Prefix (jos_)
While installation, change the default database prefix to something random. This will prevent most of the SQL injection attacks as hackers try to retrive superadmin details from jos_users table.
- Disable FTP Layer
While installation, dont enable the FTP layer as it opens up a potential security hole since your FTP details are stored in plain text under a Joomla! configuration file. FTP layer is not required if your hosting is secured and configured properly for Joomla.
- Change superadministrator username
After installation, change the username for the super-administrator. By default, its admin. So change it something like ravi.chamria so that the username/password combination becomes difficult to guess or crack.
- Strong password
Always use strong password for the administrator accounts. An example of strong password is E@^M!lt;9@k. You can use sites like http://www.strongpasswordgenerator.com to generate a strong password.
A good addition is to password protect the administrator folder. In apache web server, you can do this htaccess file or in cpanel, you can use Password Protected Directory option to setup a password. This will add another layer of username/password before someone reaches your Joomla admin details. Needless to say, have this password different from Joomla admin password.
- Enable SEF URLs
Most hackers use the Google inurl: command to search for a vulnerable exploit. So enable SEF urls from site configuration if you are using Joomla 1.5. You can also use extensions like SH404SEF for both Joomla 1.0 and Joomla 1.5. This will prevent hackers from finding the exploits as well as benefit you in SEO perspective.
- Upgrade to latest release of Joomla
Always upgrade to the latest release of Joomla as soon as possible. The current release is 1.5.11. You can subscribe to http://feeds.joomla.org/JoomlaSecurityNews or our blog feeds http://feeds2.feedburner.com/joomlainblog to get updates about the latest security releases.
Always download Joomla! from official sites, such as the Joomla! Forge, and check the MD5 hash
- Third party extensions
There are more than 4000 extensions available for Joomla many of which are non-commercial. But dont take this as an opportunity to install unnecessary extensions on your website. Remember that most hacking attempts occur due to vulnerability in these extensions. So, always use extensions which are popular, has strong community backing and development process.
- Proper file/folder permissions
The proper file/folder permissions for your joomla website is:
* PHP files: 644
* Config files: 666
* Other folders: 755
You can CHMOD the files and folders using your FTP client.
- Setup a backup and recovery process
Always rely on a strong backup and recovery protocol for your live website. Its not just hacking that may compromise your website but other factors like a faulty upgrade or extension install, hardware failure, hosting provider issues. You can use JoomlaPack, a non-commercial component native for both Joomla 1.0 and 1.5 for backup.
(ArticlesBase SC #987902)
For more details please click here.
The Joomla Project is proud to announce the immediate availability of Joomla 1.6 beta 7 (download). IMPORTANT NOTE: This is a beta version and is not intended to run any type of production site. It is intended to be used for evaluation purposes only.
Since the Joomla 1.6 beta 6 release on July 26, we have fixed approximately 85 issues in the tracker. This progress is directly related to the continued efforts of the Joomla! Bug Squad. Thanks for all your hard work in bringing us one increment closer to stable!
See the CHANGELOG for details of what has been changed in this release.
This is the sixth in our series of continuous beta releases. Beta 8 will be released on August 23, 2010.
Download here: http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=5364
For Joomla development please visit our site
WordPress CMS website design and development
wordpress has evolved as a revolution in the CMS zone. It not only provides a blogging service, but it has also come up a long way as a Content Management System for websites.
WordPress is proven to be powerful when it comes to creating a search-engine friendly website. With it’s rich functionality and attractive designs, it offers many user-friendly features. Earlier, wordpress had a few bugs to overcome, which they did by releasing updated versions regularly. WordPress beats the other two CMS explained below, with it’s high-level security and speed.
Joomla CMS website design and development
Joomla is at it’s best.
As far as we’ve known Joomla, It’s an outstanding platform to create CMS websites. Though there’s some complication associated with it’s user-friendliness, It’s being widely used by the professional website designing companies.
Joomla’s functionality and features are richer than WordPress and Drupal. It provides a lot of extensions along with extremely useful search-engine friendly options. Joomla is popular for it’s versatility and the "content management system" community behind it. Truly a master-piece for website developers.
Drupal CMS website design and development
Drupal CMS is becoming almost as popular as Joomla. It has some impressive modules similar to Joomla and comes with a variety of characteristics that are truly developer-friendly. Drupal leaves behind the other two explained before when compared to it’s add-ons. Drupal has many free themes and a fine feature to change the appearance and styling of the themes.
click here to know about our CMS web services
(ArticlesBase SC #2995933)
Those who are into online business understand the importance of Joomla powered website. We all know that Joomla is an open source management system and anyone can build a Joomla powered website. But to make a “successful” Joomla powered website it is important to use proper components and a better feature to a Joomla powered site that is successful not just among the users but also gets more attention from the search engines.
Plan Your Site
Websites cannot be developed in one day, instead proper planning and execution is essential for developing a better customized Joomla powered website. Joomla can easily keep track of your content, but you shall have to put it in a manner so that your web audience can access your information and have a constructive experience. Hiring Joomla CMS experts can help you plan a usable & functional website and execute them to make a successful Joomla CMS or a web site.
The extensions make your content usable for the visitors but the secret of Joomla is in its easy to use, supple platform, regular updates, and over 4,100 extensions—modules, components, and plug-ins. Hire Joomla Development Company to make Joomla work for you in the best way. Joomla development India uses the best features and appropriate extensions that goes with your brand image and attracts the target visitors.
A website works best only if it is both, user friendly and search engine friendly. To make a website successful, it is very important to promote your site using most appropriate techniques. Hire expert Joomla developers to promote your site in a search engine friendly manner. Joomla developer India knows the search engine guidelines and use proper keywords, meta tag description and article summaries to turn your simple website into a successful Joomla powered website. Click here to know more about SEO.
Hire expert Joomla developers India for a Joomla website with better usability, user centric approach, seo friendly features, best extensions, easy to update options. We specialize in Joomla, Drupal, Zencart, Yahoo Cart, Magento and many other open source applications. You can also hire expert PHP programmers.
Read at source
The Joomla Project is proud to announce the immediate availability of Joomla 1.6 beta 4 (download
). IMPORTANT NOTE:
This is a beta version and is not intended to run any type of production site. It is intended to be used for evaluation purposes only.
Since the Joomla 1.6 beta 3 release on Jun 14, we have fixed approximately 103 issues in the tracker. Much of this progress is directly related to the stepped up efforts of the Joomla! Bug Squad. Thanks for all your hard work in bringing us one increment closer to stable!
See the CHANGELOG for details of what has been changed in this release.
This is the fourth in our series of continuous betas. Beta 5 will be released on July 12, 2010.
Download here: http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=5300