Skip to main content

Menjaga Keselamatan Laman Web Joomla!

Remove default admin User

Padam user admin – banyak kes SQL injection berlaku menggunakan nama pengguna admin.

File/Folder Permission

Semasa menukar tetapan (terutama yang melibatkan configuration.php) boleh set file permission kepada 777, selepas selesai penukaran tetapan, jangan lupa tukar semula kepada 755.

Guna CHMOD

Tukar ownership folder Joomla! kepada apache. Guna CHOW…

  • PHP files: 644
  • Config files: 666
  • Other folders: 755

FTP Info

Elakkan menyimpan maklumat FTP pada Global Config. Ini kerana maklumat ini akan disimpan dalam configuration.php yang mana jika fail ini diperolehi oleh penggodam, akan menyebabkan mereka boleh menguasai FTP dan memungkinkan menguasai server.

Sembunyikan fail configuration.php (drpd folder public)

http://www.rsjoomla.com/forum/45-rsfirewall/10553-hiding-configurationphp-in-nonpublic-directory.html

Mengesan pencerobohan

Pasang Firewall

  • Dicadangkan gunakan RSFirewall.
  • Boleh buat pengujian sistem – utk kesan fail integriti.

image

MESTI Backup!

Akeeba adalah contoh yang baik.

image

image

Nak backup ke dalam Dropbox pun boleh…

image

Dan boleh pasang website di server lain.

jomDefender

Sembunyikan Joomla! signature (ciri-ciri Joomla! ) daripada dipaparkan kepada awam.

Uji kesahan fail-fail dalam folder Joomla! (sekiranya folder telah diceroboh).

image

CloudFlare

  • Content Delivery Network
  • Pertahanan hadapan untuk domain.
  • Elakkan scanning oleh hacker.

image

Tips lain

Sila lawati http://www.gotsrb.info/Stories/10-security-tips-for-Joomla-website

KURSUS

Untuk penjelasan daripada pakar, sila hadir ke kursus berikut;

Kursus Joomla! Lanjutan: Keselamatan

2005-01-01 10.24.342005-01-01 10.25.272005-01-01 10.25.382005-01-01 10.26.122005-01-01 10.26.222005-01-01 10.26.512005-01-01 10.27.092005-01-01 10.27.242005-01-01 13.21.232005-01-01 13.23.07

Comments

Popular posts from this blog

Several English proverbs and the Malay pair

Or you could download here for the Malay proverbs app – https://play.google.com/store/apps/details?id=net.kerul.peribahasa English proverbs and the Malay pair Corpus Reference: Amir Muslim, 2009. Peribahasa dan ungkapan Inggeris-Melayu. DBP, Kuala Lumpur http://books.google.com.my/books/about/Peribahasa_dan_ungkapan_Inggeris_Melayu.html?id=bgwwQwAACAAJ CTRL+F to search Proverbs in English Definition in English Similar Malay Proverbs Definition in Malay 1 Where there is a country, there are people. A country must have people. Ada air adalah ikan. Ada negeri adalah rakyatnya. 2 Dry bread at home is better than roast meat home's the best hujan emas di negeri orang,hujan batu di negeri sendiri Betapa baik pun tempat orang, baik lagi tempat sendiri. 3 There's no accounting for tastes We can't assume that every people have a same feel Kepala sama hitam hati lain-lain. Dalam kehidupan ini, setiap insan berbeza cara, kesukaan, perangai, tabia

Most used STRING functions in my PHP coding

These are my favourite string manipulation functions in my daily coding life. Dedicated especially to Web Programming students. Read them and have fun. Expect a happiness after a storm , and you’ll find your “inner peace”… This post is still in draft. I’ll update and refine with more examples that I’ve personally develop. More after the break…

Simple Calculator with Spinner – Android Code

This code is a simple code for Android application. It has two textboxes to receive two numbers (decimal), list of mathematical operations with +, –, * and /. Choose the operation, and hit the “Display result” button. You will see the answer to the at the bottom of the button. Have fun with Android.   The Manifest file <? xml version="1.0" encoding="utf-8" ?> < LinearLayout xmlns : android = "http://schemas.android.com/apk/res/android" android : orientation = "vertical" android : layout_width = "fill_parent" android : layout_height = "fill_parent" > < EditText android : text = "@+id/EditText01" android : id = "@+id/EditText01" android : layout_width = "fill_parent" android : layout_height = "wrap_content" > </ EditText > < EditText android : text = "@+id/EditText02" android : id = "@+id/EditText

Submit your blog address here

Create your own blog and send the address by submitting the comment of this article. Make sure to provide your full name, matrix and URL address of your blog. Refer to the picture below. Manual on developing a blog using blogger.com and AdSense, download here … Download Windows Live Writer (a superb offline blog post editor)

Bootstrap Template for PHP database system - MyCompanyHR

HTML without framework is dull. Doing hard-coded CSS and JS are quite difficult with no promising result on cross platform compatibility. So I decided to explore BootStrap as they said it is the most popular web framework. What is BootStrap? - Bootstrap is the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first web sites. (  http://www.w3schools.com/bootstrap/   ) Available here -  http://getbootstrap.com/ Why you need Flat-UI? Seems like a beautiful theme to make my site look professional. Anyway you could get variety of BootStrap theme out there, feel free to select here  http://bootstraphero.com/the-big-badass-list-of-twitter-bootstrap-resources/ Flat-UI is from DesignModo -   http://designmodo.com/flat/ Web Programming MyCompanyHR – PHP & MySQL mini project (with Boostrap HTML framework) Template 1: Template for the Lab Exercise. This is a project sample of a staff record management system. It has the PHP structured co