Scenes from New Hampshire Scenes from New Hampshire Scenes from New Hampshire Scenes from New Hampshire
Joomla! Registered User Group
Find us on Facebook!  Join our Meetup Group  Join our Google Groups Mailing List  Follow us on Twitter!

Who's Online

0 users and 8 guests online

May 11, 2011 (Future of the JUGNH & Joomla Security Tips)

May 13, 2011 by Justin Herrin
E-mail Print PDF

LOCATION: Manchester School of Technology, Manchester, NH

TOPICS: Future of the JUGNH, Joomla security tips & tricks

ATTENDEES: Liane Haslauer (host), Kathy Lombard, Lois Wolter, Rob Graham (presenter), Justin Herrin, Celeste Guidice, Jim Kennedy


Security Tips & Tricks

Rob, who had attended Ken Crowder's Joomla Day New England presentation back in April, ran through Ken's slides for us and shared his thoughts on Ken's talk.

Ken's presentation is available for download on his site.

Here are some of the key points from Ken's presentation:

  • Keep Joomla core up to date
  • Keep 3rd party components, modules, and plugins up to date
  • Backup your site and database often (Akeeba Backup)
  • Look at the code of 3rd party extensions prior to installing them on live sites
  • Unpublish or uninstall unused extensions
  • Use strong passwords
  • Use different passwords for DB user and Super Admin and FTP user
  • Create a new Super Administrator user, then delete the UserID 62 (j1.5) / 42 (j1.6) user
  • Do not use the default "jos_" database prefix. Use AdminTools to change it if needed
  • Set default Editor in Global Configuration to "No Editor" then set the Editor on a per-user basis
  • Do not use PHP4 (E.O.L. was Dec. 2007). Get a different web host if needed
  • Make use of the .htaccess file. Rename the htaccess.txt file
  • Add IndexIgnore * to .htaccess
  • Turn on SEF URLs in Global Config (need to rename htaccess.txt first). Prevents viewing of "com_mybadextension" in your URL string
  • Look into your robots.txt
  • 755 permissions for directories, 644 permissions for files, NEVER 777

Justin provided some additional security pointers...

  • Enable "prevent XML viewing" in your .htaccess file (it's commented out by default)
  • Remove or override the Generator meta tag
  • Hide ?tp=1 in .htaccess file


User Group "Business" Discussion

New times for our monthly meetings were discussed. We will look into running the meetings on a different day beginning in the fall. The 2nd Thursday of the month seemed to be a good choice.

Kathy, who has been our gracious group leader since the very beginning, has decided to step down from the group leader role. She still plans to contribute when and where she can, which will be well welcomed. Kathy nominated Justin to become the new "face" of the group and take the group leadership role. Justin accepted the nomination and the group voted unanimously.


Next Meeting

Our next user group meeting is scheduled for Wednesday, June 8th in Manchester. Rob will present about Joomla SEO tips and Jim will do a Wordpress vs. Joomla comparison. Keep watching the website for more details coming soon.

Last Updated on December 08, 2011  

Add comment


Security code
Refresh

What is JUGNH?

Joomla! User Group New Hampshire is a group of Joomla enthusiasts, from beginners to professionals, who meet monthly to share new projects, problem solve, network and make new friends. The location of our meetings alternates between the Seacoast and Manchester areas.