.htaccess

  • A while ago I already posted an article about problems getting SEF URL's work on 1&1-s servers and thought I know how to deal with the idiosyncrasies of 1&1's (very unprofessional) server settings. I was wrong...

  • There is a surprisingly easy way to detect your Joomla version - and one don't need sophisticated tools, like BlindElephant or his siblings to do it. And this information can be used by hackers to make you scream...

  • Sometimes you need to block a certain IP address, a group of addresses or certain hosts from accessing your Joomla website. Reasons may include:

    • It's a hacking attempt coming from that IP
    • Someone is scraping content from your website
    • A brute-force attack (in most cases a DoS - Denial of Service - attack is originated from that IP (there are too many requests coming from a particular IP
    • Someone continuously spamming your website
    • Some content from your site (images, media files) are hotlinked from your website.

    The solution is simple, but is advised to apply first other tools to stop these bad guys - overuse of this tip can slow down your site considerably, use it ony if you don't have anything else - or you are in hurry to stop an ongoing attack.

  • If you search on Google for the term "joomla can't login after moving to new server" - or something similar, you will get more, than 1 million hits for most of the combinations.

    So, you aren't alone. And there are plenty of suggestions, on what might gone wrong and how you might find that, and there are verious fixes. But what if you moved the site to another domain? From development server to it's final place? This is a subject wich is rarely touched by those advices.

  • File and folder permissions are a key part of your Joomla site's security. It's highly recommended that you have set them properly. They should never be 777, but ideal is 644 for files and 755 folders.

  • In the race to the top of Search Engine result pages - ultimately higher SERP (Search Engine Ranking Points) the site speed is an important factor. There are lots of tricks to increase a Joomla site's speed, here is one wich does not need additional code to be installed and executed, but yet is powerful an let you fine-tune your site's performance.

  • Joomla, as a PHP/MySQL powered solution is inserting the content into a webpage by way of a script. This type of site is considered to be dynamic. The advantage is obvious - that's why you and me have been chosen Joomla Tongue out. But what's the drawback?

  • One of often overlooked security (and not only) resource for any Joomla site is under your fingertips! With each Joomla install (even from the old Mambo days) you have a file named htaccess.txt in your site's root directory. In most cases is never touched, and left as is - most weekend webmasters don't even know what is for. A few are using it to help Joomla or the specialized SEF URL builders to make those pretty SEF URL's for their site. And that's pretty easy - in most cases it's enough to rename it to .htaccess, and you are set. But there is much more power hidden there...

  • A while ago I wrote a tip about problems geting SEF URL's work on 1&1-s servers. Back then I didn't realized, that the problem is the same - or at least fairly similar - on GoDaddy's servers too. Not everywhere, I have a site running on GoDaddy with sh404SEF without any need of tweaking the .htaccess file, but recently I had issues with another site.

    So, the trick above solves the problem, but what is the cause?

  • Even if hosting Joomla on GoDaddy can be challenging, and anybody ever built a site on their servers will tell you to turn to some better Joomla host, many people still choose them because of the excellent price/offering ratio. Here are a few tips that will help you get Joomla running on GoDaddy with minimum fuss.

  • With arrival of Joomla 3.* the GoDaddy users are facing a new challenge - how to turn off magic_quotes_gpc. this is usually a simple task, there are many ways to do it.

  • Did you added something to a perfectly working Joomla site, and you suddenly have a blank age instead your site? Chances are that you hit the memory limit allowed to you on your server. Memory limits help to keep scripts from running out of control or using up all of your free memory. This value is generally carefully set by your host's SYSADMIN to let the hosted sites to run smoothly without bottlenecking each other by overusing this precious system resource.

  • If you think, that is enough to build a nice site with a great content to have lots of visitors flowing to your site you're wrong. There are millions of webmasters trying to do the same. And Google and other search engines simply can't find, index and sort all of these sites, and show them to your potential visitors. So you need to do a little more to help these search engines - and to help yourself!

  • Most of attacks on the web - and Joomla sites aren't an exception - are made fully or in first phase at least by automated robots. These are using known entrance points as administrator logins to most used software solutions to try they chances to break in. So it's a wise move to change these well known locations. But wait! The need to upgrade compatibility may made this difficult, so, how we can do this without changing a line in Joomla code?

  • GoDaddy is notoriously buggy when comes to Joomla hosting. But when you turn on SEF, you might have another nasty surprise, instead of your site's pages you might see this:

    No Input File Specified
  • With recent upgrade of a great number of servers to PHP 5.3.8 may clients reported that their site began to show error messages like

    Warning: strtotime() [function.strtotime]: It is not safe to rely on the system's timezone settings

    or

    Warning: date() [function.date]: It is not safe to rely on the system's timezone settings
  • Clickjacking is a browser security issue and is a vulnerability across a variety of browsers and platforms. A clickjack takes the form of embedded code or a script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function. The hacker installs an invisible layer over the existing site, hijacking the user's clicks. The suspicious-less user will perform this way actions they never intended to, from apparently inoffensive ones, as following someone on Twitter, to really nasty things, like password, credit card information theft, and anything else you might (not want to) do on a webpage.

  • Joomla specifies certain settings that are recommended for proper functioning of the system. A list of the recommended and actual settings is displayed when you install Joomla. One of the recommended settings is to have 'Display Errors' switched on. This is very useful when developing and debugging a site, but there is a security vulnerability in PHP (not Joomla, but the language in which Joomla was written) which may allow cross-site-scripting attacks when the display errors option is enabled, if you have a script which produces an error.

  • When other people link to your images directly this can put an unwanted, additional strain on your servers - it is not just an annoying, unfair practice to use your intellectual property.

    That practice is called image hotlinking and you can disable it by adding some code to your .htaccessfile.

  • Just upgraded from a static site to Joomla? Or just reorganised your content? And, of course, you don't want to loose your existing Google PageRank and your external links...

    What you can do?

    301 redirect is the most efficient and Search Engine Friendly method for webpage redirection. It's not that hard to implement and it should preserve your search engine rankings for that particular page. If you have to change file names or move pages around, it's the safest option. The code "301" is interpreted as "moved permanently". This is the solution Google recommends for webmasters to keep their ratings.