WEBROOT

  • 1&1 SEF URL's problem reloaded

    A while ago I already posted an article about problems getting SEF URL's work on 1&1-s servers and thought I know how to deal with the idiosyncrasies of 1&1's (very unprofessional) server settings. I was wrong...

  • Add a Favicon to your template

    Websites can include a small image called a Favicon that appears in your web browser generally on the left of URL field and also in the bookmarks to help visually identify a site. Many are saying that is among the few real good things coming from Redmond, since the Favicon was introduced with IE3, and initially supported only by Microsoft's browsers. But now the support for Favicons became widespread and is one of differentiating factors of a website, essential part of the general look/corporate identity.

  • Adding spatial navigation and tabindex to your custom forms

    Having correctly implemented spatial navigation in your custom forms is more important, than ever these days. Unfortunately Joomla's core JForm does not support adding the required info easily (for example by creating an XML file which will output the correct code.

  • Avoid easy Joomla version detection

    There is a surprisingly easy way to detect your Joomla version - and one don't need sophisticated tools, like BlindElephant or his siblings to do it. And this information can be used by hackers to make you scream...

  • Block unwanted visitors using their IP address on your Joomla site?

    Sometimes you need to block a certain IP address, a group of addresses or certain hosts from accessing your Joomla website. Reasons may include:

    • It's a hacking attempt coming from that IP
    • Someone is scraping content from your website
    • A brute-force attack (in most cases a DoS - Denial of Service - attack is originated from that IP (there are too many requests coming from a particular IP
    • Someone continuously spamming your website
    • Some content from your site (images, media files) are hotlinked from your website.

    The solution is simple, but is advised to apply first other tools to stop these bad guys - overuse of this tip can slow down your site considerably, use it ony if you don't have anything else - or you are in hurry to stop an ongoing attack.

  • Can't log in with admin, no error messages

    This error comes back time-to-time, especially after a Joomla site is moved from one server to another. The symptoms are simple - but frightening. You try to login to the administrator interface as usual, with your well known credentials, and the login box is reloading whitouth any kind of error message and withouth letting you in. No errors in browser console, no error in the logs, and no errors even if you turn the error reporting to maximum or the Joomla debug on. You can try even the tricks described elsewhere in this site to change your admin password - that won't help.

    Why? Because the cause(s) - yeah, there can be multiple causes - are different from having bad credentials! Let's see what you can do about!

    ATTENTION: these tricks are qualified as core hacks, so be careful: backup, wear your lucky hat, keep your finger crossed - and take any other security measures before you proceed - you can ruin your site easily with a wrong move.

  • Change the file and folder permissions automatically

    File and folder permissions are a key part of your Joomla site's security. It's highly recommended that you have set them properly. They should never be 777, but ideal is 644 for files and 755 folders.

  • Change your database password while having no downtime

    Changing your database password is something you rarely need, but then you need it immediately, and with the lowest possible downtime. Why you should do that, in first time? Hm, there are many reasons/situations when you should consider changing your database access data ASAP:

    • You just got hacked
    • You have decided to end the business with your current developer, and you aren't sure that he's a trustable person
    • You have a good habit of changing all your passwords regularly
  • Directory Traversal

    A website is stored within a file system on a server. Some of the server's file system is therefore exposed to the outside world and can be accessed by an end-user's web browser. The part of the file system (or directory structure) that is visible to the outside world is limited to a specific root folder and its contents.

  • Full Path Disclosure

    Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection ) query to view the page source, require the attacker to have the full path to the file they wish to view. Then the attacker can use this info to perform other type of attacks based on the obtained information.

  • How to install Joomla to GoDaddy

    Even if hosting Joomla on GoDaddy can be challenging, and anybody ever built a site on their servers will tell you to turn to some better Joomla host, many people still choose them because of the excellent price/offering ratio. Here are a few tips that will help you get Joomla running on GoDaddy with minimum fuss.

  • How to sell your downloadable products?

    Yes, things like media files - or your software. No, I don't sell software - I give it away for free, for example here. Bu I build sites with selling capabilities. My favorite solution for it is VirtueMart, THE shop to be used with Joomla.

    Is powerful - but is not for beginners, you can easily lost here without proper guidance.

  • How to turn off magic_quotes_gpc on GoDaddy

    With arrival of Joomla 3.* the GoDaddy users are facing a new challenge - how to turn off magic_quotes_gpc. this is usually a simple task, there are many ways to do it.

  • Increase the available memory for your page

    Did you added something to a perfectly working Joomla site, and you suddenly have a blank age instead your site? Chances are that you hit the memory limit allowed to you on your server. Memory limits help to keep scripts from running out of control or using up all of your free memory. This value is generally carefully set by your host's SYSADMIN to let the hosted sites to run smoothly without bottlenecking each other by overusing this precious system resource.

  • Increase your Joomla site's SEO score with sh404SEF

    If you think, that is enough to build a nice site with a great content to have lots of visitors flowing to your site you're wrong. There are millions of webmasters trying to do the same. And Google and other search engines simply can't find, index and sort all of these sites, and show them to your potential visitors. So you need to do a little more to help these search engines - and to help yourself!

  • JFolder::create: Could not create directory

    The full error looks like this:

    JFolder::create: Could not create directory
    Warning! Failed to move file.

    You might see this nagging error every once you install something to your Joomla site. Apparently everything working, but - as any errors you see - should alert you: something isn't right with your site, and even if apparently everything works, you might have unexpected problems later!

  • Joomla update warnings via Google Webmaster Tools

    Now you have one more extra reason to use Google's very useful Webmaster Tools. Recently Google added to his arsenal of Joomla related enhancements a useful one: In the Google Webmaster Tools you will see a warning with useful details on what to do each time yor Joomla site gets outdated!

  • Learn Joomla 4 - Power Tips - Media Manager

  • Leverage browser caching

    One of the most easy ways to make your Joomla website faster is to leverage Joomla browser caching. This is one of the high priority tasks recommended by Google to make your website load faster.

  • Move your /temp and /log folders outside of webroot

    It's always a wise move to move your sensitive files outside of the so called WEBROOT, the directory which is used by Apache to show your website. This way you can be sure, that nobody else, but your Joomla core code can use these files.

    Moving some files/folders, like the main configuration.phpor the location of admin login may be tricky, but mowing these two key folders is relatively simple.

Page 1 of 2