.htaccess

.htaccess

• Protect yourself from clickjacking hack

  Clickjacking is a browser security issue and is a vulnerability across a variety of browsers and platforms. A clickjack takes the form of embedded code or a script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function. The hacker installs an invisible layer over the existing site, hijacking the user's clicks. The suspicious-less user will perform this way actions they never intended to, from apparently inoffensive ones, as following someone on Twitter, to really nasty things, like password, credit card information theft, and anything else you might (not want to) do on a webpage.

• Server Settings

  Joomla specifies certain settings that are recommended for proper functioning of the system. A list of the recommended and actual settings is displayed when you install Joomla. One of the recommended settings is to have 'Display Errors' switched on. This is very useful when developing and debugging a site, but there is a security vulnerability in PHP (not Joomla, but the language in which Joomla was written) which may allow cross-site-scripting attacks when the display errors option is enabled, if you have a script which produces an error.

• Stop image hotlinking

  When other people link to your images directly this can put an unwanted, additional strain on your servers - it is not just an annoying, unfair practice to use your intellectual property.

  That practice is called image hotlinking and you can disable it by adding some code to your .htaccessfile.

• The 301 redirect

  Just upgraded from a static site to Joomla? Or just reorganised your content? And, of course, you don't want to loose your existing Google PageRank and your external links...

  What you can do?

  301 redirect is the most efficient and Search Engine Friendly method for webpage redirection. It's not that hard to implement and it should preserve your search engine rankings for that particular page. If you have to change file names or move pages around, it's the safest option. The code "301" is interpreted as "moved permanently". This is the solution Google recommends for webmasters to keep their ratings.

• The most common Joomla SEO mistakes

  Mastering the Web is a never ending learning process. You can learn from both good and bad examples. Unfortunately most of us are learning from their own mistakes. A well known situation is that you got a brand new Joomla site, latest tricks, stunning design, appealing content, but you miss a key ingredient of the success: the Visitor. And you've wondering, why they aren't coming, despite your SEO efforts as sending out marketing e-mails to your closest 10.000 "friends" and spending nice money in buying incoming links and lots of postings on every imaginable social marketing site, blog and forum. It's not obvious, but the problem may be in what you did, and not in what you missed. Anyway, here's a mix of things usually Joomla webmasters are doing wrong. Learn from, and try to avoid these most common mistakes!

• The pharma hack

  The Paharma Hack (or Blackhat SEO Spam Hack) is a very elaborated hack wich is often unobserved for the regular visitors - and website owners - because does an ingenious trick: present a different version of your site for the searchengine bots. The site, for a long period of time looks and behaves normally for the regular visitors. This attack is very interesting because it is not visible to the normal user and the spam (generally about Viagra, Nexium, Cialis, etc) only shows up if the user agent is from Google’s crawler (googlebot). Also, the infection is a bit tricky to remove and if not done properly will keep reappearing. It's one of nastiest hacks you might have. We recommend hiring a specialist to remove it, because generally the infection reappears in no time after the site is "cleaned".