You use Joomla? Huh... Me too... Did you know, that by this alone you became a potential target for some bad guys out there?

Like it or not, there are some nerds who are "specialized" themselves in hacking and cracking Joomla sites.

Scared? Not need too, just be cautious and take some countermeasures. What you can do about?

The part of your defense strategy should be to keep a low profile. No, not to remove yourself from search engine result pages, but hide the traces indicating that your site is built upon Joomla. The list of things you can do is pretty long, you may found some in this site too, as how to remove Joomla's copyright info . Let's add another one to your toolbox: how to remove the

'<meta name="generator" content="Joomla! 1.* - Open Source Content Management" />'

metatag from the eyes of source code snoopers.

There are lots of tricks for it, most SEF components, as my preferred sh404SEF offers this as an option. There are also other SEF enhancements out there offering the same as main purpose or side-effect. The one I like most is for Joomla 1.5.* family, and needs to make your hands a bit dirty with your site's template code.

So grab your preferred editor and let's slice and dice the template's index.php file.

In an average template you need to insert the following code string in the <head> section (between the <head> ... </head> tags) the following line:

			<?php $document->setGenerator('ANY TEXT HERE'); ?>		

Of course, use instead of "ANY TEXT HERE" something you like - and is potentially misleading, as: "HEY, THIS ISN'T A JOOMLA SITE! " or something similar Eek. (Did you mother teachin' you to not take advice from fools?)

You may need to play around with the placement of the above code string. In some templates it works even placed above the <head> calls while most of them need it in between the <head> section. If placed correctly inside your index.php file when you take look to your page's source code you'll see in the source:

                        <meta name="generator" content="ANY TEXT HERE" />

PS. Before you open that bottle of champagne to celebrate, think twice... Google reportedly have a specialized bot/strategy to index and rank Joomla based sites. And most likely Google will visit your site more often, that those bad guys. Do you need to hide this info, or better you would show it? It's up to you...

Category: Hacking the core

