permissions

  • Change the file and folder permissions automatically

    File and folder permissions are a key part of your Joomla site's security. It's highly recommended that you have set them properly. They should never be 777, but ideal is 644 for files and 755 folders.

  • Error: Invalid login during Joomla upgrade

    Today I had to upgrade an old, Joomla 2.5.7 site to latest Joomla, everything went out fine until I had to do the first critical step - the upgrade from Joomla 2.5.28 to Joomla 3.51. Did I mentioned that server has PHP 5.6.25 withouth possibility to upgrade - at least not on short term?

    OK, so, wasn't the best setup condition available, but usually this is not a dealbreaker.

    And BUMM, I have seen an old "friend", a popup saying:

    ERROR: Invalid login

     

  • Export Tweak To Add Strict Permission per/field & Export Text Only

  • File and folder permissions

    This is a key security issue, but unfortunately many of the Joomla site-owners need guidance on this.

    First, let's see what you should know:

    Joomla is a typical LAMP (Linux/Apache/MySQL/PHP) application, even if runs on many other platforms too. The entire access rights "philosophy" is relying on the native environment's settings.

  • How to restrict a user to access only one component in admin

    Sometimes you need to allow a user to access and manage only one (or a few) Joomla! component in the backend. This is quite easy to set up, you need to use cleverly the ACL sytem Joomla has allready in.

  • Move your config file outside of webroot
    This is a core hack. Files you change as described on this page will be overwritten during updates of Joomla!

    This tip explains how to move your configuration.php file outside of your webroot as well as making it unwritable by the server. That makes it nearly impossible for someone to corrupt or gain access to the information in the file.

  • Patch your outdated Joomla installs

    As I write this, both Joomla 1.5 and 2.5 have reached their EOL (End Of Life) for long time, and are not developed or supported anymore. This is a huge security risk, so the best advice here is to upgrade your Joomla site to the latest version. But what if you don't have the time/funds to do it right now?

  • Special considerations to make your Joomla site secure

    Joomla, as most CMS's excells by making it easy to manage a website page. Offers a pretty easy way to manage Web-based publishing, format management, history editing and version control, indexing, search, and retrieval. Joomla has an impressive suite of features, but these features require some special considerations.

  • Vandalism and Hacking

    Vandals often use hacking techniques to deface a website or destroy data and files, but there are also those who just want to steal resources (make use of other peoples' servers without their knowledge or permission) or to cover their tracks by stealthily making use of hardware owned by legitimate businesses to carry out processing for illegal operations or to relay spam and viruses to others.

  • When the Joomla site is offline, only Super Users can log in

    A client of mine asked this question: "How can I allow registered users to log in and see the site even in offline mode, without giving them Super user privileges?"