Joomla specifies certain settings that are recommended for proper functioning of the system. A list of the recommended and actual settings is displayed when you install Joomla. One of the recommended settings is to have 'Display Errors' switched on. This is very useful when developing and debugging a site, but there is a security vulnerability in PHP (not Joomla, but the language in which Joomla was written) which may allow cross-site-scripting attacks when the display errors option is enabled, if you have a script which produces an error.

---

Add this page to your favorite Social Bookmarking websites

This is a key security issue, but unfortunately many of the Joomla siteowners need guidance on this.

First, let's see what you should know:

---

Add this page to your favorite Social Bookmarking websites

Have to thank friesengeist of the Joomla core team for this very nice tip for your Joomla or Mambo site.

This tip explains how to move your configuration.php file outside of your webroot as well as making it unwritable by the server. That makes it nearly impossible for someone to corrupt or gain access to the information in the file.

---

Add this page to your favorite Social Bookmarking websites