configuration

  • Move your /temp and /log folders outside of webroot

    It's always a wise move to move your sensitive files outside of the so called WEBROOT, the directory which is used by Apache to show your website. This way you can be sure, that nobody else, but your Joomla core code can use these files.

    Moving some files/folders, like the main configuration.phpor the location of admin login may be tricky, but mowing these two key folders is relatively simple.

  • Move your config file outside of webroot

    This is a core hack. Files you change as described on this page will be overwritten during updates of Joomla!

    This tip explains how to move your configuration.php file outside of your webroot as well as making it unwritable by the server. That makes it nearly impossible for someone to corrupt or gain access to the information in the file.

  • My MySQL database does not support UTF-8! Do I have a problem?

    If you search for the title of this tip you will found lot of hits. Actually, my last search returned 6.6 millions of hits! Apparently lot of people are having with - or has fears on this subject. When I first published this tip, back in 2005, there was no such amount of answers/references, and I think, that this real flood of sites about this potential issue is not because lot of people would having problems, but because more and more people are getting into building interactive sites.

    So, do You have problems?

  • Never-ending database installation

    If you’ve been trying to install a quickstart package received after a template purchase, and the installation freezes at the database creation/restoration step you might have to make few changes in the server/PHP environment in order to fix the issue.

  • Options

    YOnce the basic setup is done, yo need to tweak your Joomla installation to behave as you need. you will need individual configuration settings for your website elements (components, plugins, modules, content pages, templates): in the Joomla lingo we call them options. These options are applied to the whole website, for users, categories, modules, components. Since Joomla 1.6 this has became standard: you will always find an icon named Options in the backend pages, which are providing you the interface to set your preferences for the given component.

    For example in the Joomla 1.6+ in the template manager you have in the Options a way to switch on or off the support for the well known trick to append "?tp=1", which reveals you the available module positions for your templates.

    Now you can block attempts to visualize by others these module positions by visiting the address:

    http ://yourdomain.com/index.php?tp=1

    BTW: The "tp" stands for template position and the trick is one of core Joomla tricks.

  • Other usual hacker tactics

    There are numerous other tactics that can be used to break into a computer system, and these usually involve discovering weaknesses or loopholes in the server software's defenses. When a programmer writes software that runs on a web server, he tries to make sure that the software cannot be abused - but it can be very difficult to foresee every eventuality; vandals and hackers are always pushing software to the limit and trying out operations which the software was not designed to handle, in an attempt to discover a way in.

  • PHP Warning: It is not safe to rely on the system's timezone settings....

    With recent upgrade of a great number of servers to PHP 5.3.8 may clients reported that their site began to show error messages like

    Warning: strtotime() [function.strtotime]: It is not safe to rely on the system's timezone settings

    or

    Warning: date() [function.date]: It is not safe to rely on the system's timezone settings
  • Privacy tools suite for multilingual sites

    Joomla Privacy tools suite is a welcome addition for all Joomla webmasters- especially for those in EU. GDPR regulations make this not only a desirable asset, but a must have item.

    But what about multilingual sites? Looking to the configuration settings it is not obvius at all how you can use in your multilingual site properly.

  • Problems geting SEF URL's work on 1&1-s servers

    Your Joomla site is hosted on 1&1? Great!... Or not so great? Yea, I know the feeling, I had that experience too. All worked just fine (almost) until I decided to kick in the SEF engine, and use the .htaccess redirect, as I suggested elsewhere. And the disaster stroked...

  • Quickstart installation problems

    If you purchased a commercial Joomla template it is very likely that in the package you got you have a special installation package, called Quickstart which let you have the carbon copy of the template demo site in just couple of clicks. It is a gread bonus, helpful especially for beginners. but once in a while you might have problems by installing this package, especially if you try to install it on your local machine.

  • Running your Joomla Website over Secure Connection

    Joomla 1.5 and newer versions have full https support without any hacks being necessary. But what you can do if you want to run your Joomla 1.0 site over https for some reason? Upgrade it!... Easy to say, I am managing even Mambo based sites, running rock solid and doing the job they have built for, so this might be out of question. Bud don't despair, You can do it! You must hack here and there...

  • Secure your standalone scripts used in a Joomla site

    Joomla has everything you may need. Right? If you take a look to the Joomla Extensions site, you may agree with this. But, as always, there may be cases, when the above statement is wrong. For specific need he simplest approach may be to use for specific purposes a standalone script. You can solve the problem - apparently - by using Joomla's wrapper feature, and use your scripts as they where part of your Joomla site. Almost perfect solution you may think... but your scripts are directly accessible by their physical URL, not only through the Joomla interface. What you can do about?

    A lot. And surprisingly easily.

  • Server Forbidden 500 error when saving in Joomla Admin backend

    I had been driven crazy recently by couple of my sites suddenly beginning to exhibit a very annoying behavior. Sites, which worked flawlessly over past months/years began to die when I tried to save something, from new or edited articles, modules, menu items, contacts.

    Of course the first thing I done was to look to the error logs, then to enable debug and set the error reporting level to maximum. Nothing helpful.

  • Server Settings

    Joomla specifies certain settings that are recommended for proper functioning of the system. A list of the recommended and actual settings is displayed when you install Joomla. One of the recommended settings is to have 'Display Errors' switched on. This is very useful when developing and debugging a site, but there is a security vulnerability in PHP (not Joomla, but the language in which Joomla was written) which may allow cross-site-scripting attacks when the display errors option is enabled, if you have a script which produces an error.

  • Setting up an automatic Smart Search indexing

    In another article I've praised the Smart Search core extension and recommended you to use it. But there is a problem with this extension - you need to re-index your site after you add new things manually to get the most out of it. Although the Smart Search index is automatically kept up-to-date whenever content items are amended, there are some circumstances where you need to re-run the indexer. You can do this manually using the Index toolbar button in the Manage Indexed Content screen. Or there is another way to do it?

  • SobiPro - adding a link to author profile in Community Builder

    When a registered user adds a new entry in your SobiPro powered business directory in your Joomla site you might want to add a link pointing back to his Community Builder profile. Sounds simple... but the powerful templating system of SobiPro might be cryptic even for advanced users. And you might not have a membership in SobiPro club - BTW, worth every penny!

    Here is one way you can do this!

  • Special considerations to make your Joomla site secure

    Joomla, as most CMS's excells by making it easy to manage a website page. Offers a pretty easy way to manage Web-based publishing, format management, history editing and version control, indexing, search, and retrieval. Joomla has an impressive suite of features, but these features require some special considerations.

  • The mail function has been temporarily disabled on this site

    After upgrade to Joomla 3.2 from previous Joomla 3.* versions you might see the above error message in the backend, or, worse, you simply don't receive any e-mail notifications you usually do. And the site worked just fine before the upgrade!!

    If you have registration enabled, or you use the site to interact with your visitors/customers the side effects can be really damaging - nobody gets any mails - and you evend don't see any notice about, until you began to dig for the causes, and, for example, try to send a message for yourself from backend. This potentially can roun your online business or community. Apparently everything is OK, all settings are correct, but the mails are simply not sent.

    What's the cause and, more important, how you can fix it?

  • The most common Joomla SEO mistakes

    Mastering the Web is a never ending learning process. You can learn from both good and bad examples. Unfortunately most of us are learning from their own mistakes. A well known situation is that you got a brand new Joomla site, latest tricks, stunning design, appealing content, but you miss a key ingredient of the success: the Visitor. And you've wondering, why they aren't coming, despite your SEO efforts as sending out marketing e-mails to your closest 10.000 "friends" and spending nice money in buying incoming links and lots of postings on every imaginable social marketing site, blog and forum. It's not obvious, but the problem may be in what you did, and not in what you missed. Anyway, here's a mix of things usually Joomla webmasters are doing wrong. Learn from, and try to avoid these most common mistakes!

  • The ten commandements of SEO for beginners

    Why don't have Joomla in the title of tis article? Simply because these are the basics, the cornerstone stuff any webmaster must learn and respect. If you want a successful site, you must follow these Ten Commandements.