Anyone may write and distribute a Joomla! extension. As a service to the global community, this freedom is actively encouraged and supported by the Joomla! Core team. Due to the openness and popularity of the Joomla! project, there are a wide variety of extensions offering a vast array of features. The quality and breadth of Joomla! extensions is one of the main advantages of Joomla.
 
Depending on the security configuration of your Web server the recommended default permissions of 755 for directories and 644 for files should be reasonably secure.
 
Modifying the $mosConfig_host to an IP Address of a remote host works for hosts that have separate MySQL servers from the client hosting servers.
 
The Joomla! Administrator's Security Checklist is a concise selection of the best tips and tricks from the many contributors in the Joomla Security Forums. Review this list BEFORE you install Joomla for the first time.
 
Search engine ranking AND your competitor's for each of your keywords every week.
Do this for Google, Yahoo, MSN and Alta Vista at the minimum.
 
Beberapa Module module yang dapat dipakai untuk melihat statistik pengunjung pada web kita ada banyak sekali.
 
Joomla - Component: Create Hello World Component on Front End

I follow undocumented rule, learn programming for first time by creating "Hello World" page. I will show you how to create component Hello World. It realy easy.
 
Definition
Remote file inclusion, commonly known as RFI is a form of attack where the attacker trys to inject there own php code inside your php app's. If an attacker can successfully achieve this they will be able to execute any code they wish on your webserver.
 
Joomla Newsflash Modules Tutorial
Ketika menciptakan sebuah isi content di dalam module, category atau section, kita bisa mencipakan sebuah kaliamat pembuka awal, dan selanjutnya memilih readmore untuk isi selanjutnya.
 
http://yoursite.com
http://www.yoursite.com
If you can actually have these show up in your browser then you have a problem. What is happening is that Joomla will happily process both URL's, with and without the www.
"Is that bad?" you now ask.
 
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.1 [Seenu]. Since the stable release of Joomla! 1.5 we have seen huge numbers of downloads which has helped to push the total number of downloads to over 3 million in less than a year.
 
Now here are 10 easy, cheap ways to improve your SEO.
 

Teman teman pasti sudah pernah, mungkin sering mendengar SEO SEF, Bahasa pasarannya, SEO adalah optimasi halaman web agar mudah dikenali oleh search engine. biasanya melalu meta tag keyword, description, robot.



 
VirtueMart is also affected by this bug. The problem is indeed a wrong order of the calls to initSessionAdmin and doGzip at the end of the file /administrator/index2.php.
 
Download here Live Users Pro is joomla module for probably one the most advanced "Who Is Online" modules for Joomla. Having started as a modification of the original Live Users Module it is a complete new program by now.
 
Mosets Tree is a directory component for Mambo. It can be used to run a complex Yahoo! style directory directly inside your Mambo website
 
Joomap is a sitemap component for Joomla that shows the normal Menu Structure, Content Categories, Sections and Virtuemart Categories in a hierarchical list
 
Fireboard is fully integrated forum solution for joomla, no bridges, no hacking core files.
 
Tutorial module Login Joomla
Jika kita ingin memperbanyak member site kita,sehingga kita bisa mengetahui seberapa banyak user yang telah register di site kita, kia dapat menggunakan suatu trik, memaksa pengunjung untuk melakukan registrasi.
 
astatsPRO gives you most statistics you would get from cPanel's Awstats and similar and presents the data in a decent way. User agent, OS, Referrer, uniques, page impressions etc.
 
A simple newsletter component with subscriber management and HTML/image embedding capabilities.
 
Dengan Joomla kita bisa membuat suatu page yang isinya adalah menu menu untuk download. buat temen temen yang demen dengan affiliate program, itung itung bisa nabung dari hasil pay per click. cukup gunakan component com_d3000 bisa di download di sini

 
Agar website kita bisa dikenal oleh search engine, mungkin kalau eloe selaku webmaster akan memerhatikan script saat pembuatan website nya, SEO (Search Engine Optimation). Banyak kok, contoh-contoh scripts untuk SEO.
 
Club Template Business Look can give your business site a modern design look and feel. You have the choice of your own background and background color to fit the colors of your identity. The entire template is laid out in PNGs so shadows, overlays, etc. will lay right on top of your background image/color.
 
Use a WordPress Blog in a subdirectory of your Joomla installation the Improve the Search Engine Visibility of your Website.
 
The information provided in this document is critical to stopping these attacks and must be taken into immediate consideration.
 
1. Read Me First!
1. There's no free lunch! Don't be fooled by Joomla's award-winning easy of use. Maintaining a secure, dynamic Web site on the open Internet is not easy. Security requires continual watchfullness and effort.
 

Joomla!Joomla is an open source content management system referred by tens of thousands as the best CMS in the world.
 
This Tutorial how you Installing Joomla Components Modules Templates
 
joomla submit users are allowed to submit contents.
 
Tutorial Joomla Generate Flickr API Key
 
This tutorial will show you how to add a URL link menu item to your Joomla site
 
Tutorial kali ini membuat tulisan berjalan di joomla
 
Sedikit tutorial, dari http://www.compassdesigns.net tentang keuntungan menggunakan "read more" atau “Click to continue”
 
Joomla dapat menggunakan satu atau dua baris/kolom pada tampilan web joomla
 
Backup joomla anda, sebelum anda harus bekerja keras
 
Untuk Menciptakan Template Joomla,
 
Tutorial menciptakan content pada menu baru
 
Merubah tampilan template joomla
 
Sudah sejauh aman kah joomla anda..?
 
Minimum Requirement untuk instalasi Joomla
 
JOOMLA installation can not be completed:
 
Saya akan sedikit berbagi tutorial bagaimana saya mendesain web dengan joomla
 
Joomla, register_global=OFF Siapa Takut
 
Kita dapat menciptakan sebuah forum didalam web joomla kita
 
Mungkin kita untuk teknis design suatu website sedikit paham, tapi sebelumnya kita harus berangkat dari sebuah plan dulu
 
Masih ragu menggunkanan CMS dalam mendesain web..?
 
Setelah kita Registrasi ke Provider Hostingan kita, selanjutnya yang dilakukan adalah :
 
Tutorial untuk menghemat bandwith ketika cek e-mail
 
Anda tidak perlu Upload manual, jika menggunakan CMS, berikut tutorialnya
 
Beberapa teman saya yang jauh lebih mahir dalam membuat website, mengatakan masih enggan memakai joomla
 
Biasanya webstite Menyediakan fasilitas untuk tanya jawab, mengisi komentar, makian juga sering joomla tutorial
 
Bosen nyari nyari module yang bisa di download free..? khusus buat teman teman yang tahu sedikit bahasa pemograman script, nda usah banyak pengetahuan untuk ini Cool
 
Kemaren ada pemirsa yang bertanya, kenapa joomla menjadi pilihan CMS ku, dan isi blog ini tutorialnya kok hanya tutorial joomla melulu. tapi berhubung dia itu bulek, aku terpaksa buat postingan bahasa inggris, moga tutorial ini berguna, koreksi ya kalau ada yang salah
 

Aku yakin, dalam hal membuat suatu website, kamu lebih dari aku.
 
Tutorial menghasilkan uang dari joomla
 
Tutorial Backup file Joomla - Tutorial halaman Download joomla - Newsflash Modules - Tutorial module visitor Counter di joomla - Tutorial Components Modules Templates - Tutorial WordPress Blog into Joomla - Tutorial Membuat Forum Joomla - Top 10 Stupidest Administrator Tricks - Top 10 Joomla! SEO Tips and Tricks - Tutorial Joomla Shape5 Template - Tutorial Joomla Security Checklist - Tutorial Joomap - Tutorial Joomla Requirement - Tutorial Bug VirtualMart 'Session Expired'

Tutorial

Username Password Remember me Lost Password? Register

Artikel Terbaru



Security Researcher

Total Members : 782
Latest Member : kancil
Today : 0 Registers
This week : 0 Registers
No users online
Guests: 1

Friends in Joomla

CabikHosting
Petelinux
St. Dominikus
Honda Tugu
Cyber Kost
GeHost
My Brother
Kampusku

Check PageRank

joomla tutorial

download tutorial joomla module template
download tutorial joomla module template

download tutorial joomla module template


Tutorial Joomla
Video Tutorial
Contact
Joomla e-book
Tanya/Jawab
Download
Forum
Iklan anda
New Template
What are the recommended joomla file and directory permissions? PDF Print E-mail
Written by Tutorial Joomla   
Depending on the security configuration of your Web server the recommended default permissions of 755 for directories and 644 for files should be reasonably secure.
How can I avoid using chmod 0777 to enable installs?

On a private server with a small, controlled set of users, there is no need to use a chmod 777 to make the Joomla! folders writable in order to perform installs. You can set the server up so that both Apache and FTP have control of site files.

Directions
 1. Edit the Apache user.conf file and tell apache to run under the FTP account.
2. chmod the entire site to 644 or 744. Apache should be able to run just fine that way.

Optional
 1. chgrp the entire web space to the FTP group so that only those with FTP access can write to the server.
2. chmod the entire web space to 764 or 664 will be possible giving other users write access as well
Isn't locating all Joomla! files inside public_html a security risk?

Short answer
 Potentially, yes. Your site can be secure, but you must be careful and vigilant.

Long answer
 A common security principle is to create various security levels and then grant access at each level only as required. On UNIX servers this is done by setting the user, group, and world permissions on directories and files.

Typically, the most insecure directory on a UNIX server is the one serving Web files, usually called public_html. This is because it is publicly accessible, world-readable, and in the case of a CMS-powered site, possibly even world-writable. That status is the very definition of officially, totally, and utterly insecure.

As long as you want the entire world to view your public_html directory there is no problem. After all, that's exactly what it's designed to do. But if you want to hide anything, the plot thickens. If public_html contains configuration files with secret data, or scripts that write to databases, or scripts that modify other files, or scripts that append to logs, or scripts that store temporary data in caches, or scripts that support file and graphic uploads, or scripts that process form input, or scripts that process financial and personal data, this read-only directory becomes a world-accessible, read-write application.

If there are ANY vulnerabilities in ANY files in the public_html directory, the entire server is potentially vulnerable, and not just your Web site but possibly every Web site on your server. Such vulnerabilities give attackers access to the scripting engines used to run your site. PHP, Perl and other Web scripting languages are powerful and easy to use. If programming vulnerabilities allow an attacker to call arbitrary commands, your entire server could be toast.

One good way to block attackers, is to keep potential vulnerabilities behind a secure fence. For this reason, it is often recommended to only place files that require direct access from the Web in public_html. Other files should be loaded into applications using such functions as include andrequire. To access such files, attackers must first penetrate your server, such as by discovering a root username/password.

The incredible lightness of living outside the fence
 To provide incredibly easy installation, Joomla! follows a different security model. It is possible to perform a complete Joomla! installation using nothing more than a Web browser pointed at the world-readable installation directory. An additional level of security is provided by requiring that you remove this installation directory after completing the install.

Granting a world-accessible installer the ability to write to files outside of public_html would be a huge security hole. Thus, by default every Joomla! file ends up in the world-accessible public_html directory. Not coincidentally, this is also the directory in which an angry planetful of would-be attackers are hoping to find your files.

Currently, most Joomla extensions also have limited support for file locations outside of public_html. This is a legacy of the Joomla! 1.0.x installation model.

Joomla! defense
 Despite it's apparently vulnerable location, Joomla! uses various effective methods for blocking exploits. Chief among them is to add a line of code at the top of any PHP file that requires extra protection. This method is very effective as long as each and every file requiring such protection, has it. One vulnerable file exposes the whole site.

The challenge
 The practice of placing everything in public_html, and then building a little fence inside each file can become an administrative nightmare. One vulnerable file exposes the entire server. This is a glaring example of an allow, then deny security model.

This model requires very careful upgrades, constant log reviews, and proactive plugging of new vulnerabilities as soon as they become known. (Since you have to beat the attackers, you'll be in a hurry, and may inadvertently do something stupid, potentially creating other vulnerabilities.)

During installations and upgrades, you must verify (or trust someone else to verify) every line of code, of every new file, for every known vulnerability. And because scripts can have unintended consequences on each other, you can not forget to test, test, test. Of course this is generally true for all software, but placing the entire application in public_html makes the issue extremely

critical.
The recent wave of URL injection attacks against poorly-written third party extensions would have been much less successful if those files had been stored outside of public_html, and thus simply unavailable through URLs. Note that in many cases the actual vulnerabilities could still exist within the files, but being inside the fence (outside of public_html) they would not be exposed to URL injections.

To (Deny, then Allow), or (Allow, then Deny)?
 The real problem with the above "all known" qualifier is that it is an allow, then deny model. In other words, we first give everyone access to every file and then deny access to specific files by adding a line of code.

Consider the logic for a password authentication script. We have essentially two choices:
1. First allow all access, then deny any username/password combination that DOES NOT match the approved list.
2. First deny all access, then allow any username/password combination that DOES match the approved list.

Obviously the second method is better. A passing familiarity with regular expressions shows that the first method is much more difficult to write securely. It fails anew each time a new variation of some attack is developed, and tends to require constant revisions. Over time, such revisions become so complex that the authentication system itself becomes a source of vulnerabilities.

Conceptually, the second method is an example of building a strong fence around your site (deny), and then granting access using a limited and well-defined set of criteria (then allow). If the script fails, the most likely result is that someone who should have access is blocked. That may be highly inconvenient, but it's not usually a security breach.

The good news
 1. In Joomla! 1.0.x, some extensions, and the Joomla! framework, give you the option of locating critical directories outside of public_html after you have completed the installation. Whenever possible you should do this.
2. Joomla! 1.5 goes far in the right direction. It provides several new constants for specifying the location of particularly sensitive directories, including configuration, administrator, libraries, and installation.
3. Joomla! 1.5 is able to run as an FTP account. This provides another method for protecting files on a file by file and directory by directory basis.
 
< Prev   Next >
[ Back ]
Joomla Featured Articles Module by DART Creations
ym : ptlnx


Click here to join joomla-id

download joomla module template component