
Securing a Joomla! Website

Remove default admin User

Delete the admin user: many SQL injection cases involve the admin username.

File/Folder Permission

While changing settings (especially those involving configuration.php) you can set the file permission to 777; once the changes are done, do not forget to change it back to 755.

Use CHMOD

Change the ownership of the Joomla! folder to apache. Use CHOW…

  • PHP files: 644
  • Config files: 666
  • Other folders: 755
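A way to check a site against the modes listed above, and to catch anything left at 777 after a settings change. This is an added example, not code from the original post; the function name `audit_joomla_perms` and the output labels are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a Joomla! tree against the modes listed in this post.
# Usage: sh audit.sh /path/to/joomla   (the path is supplied by the caller)

audit_joomla_perms() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }
    {
        # Files or folders left at 777 after editing settings.
        # Symlinks always show 777 on Linux, so only files and dirs are tested.
        find "$root" \( -type f -o -type d \) -perm 777 |
            sed 's/^/LEFT-777 /'

        # Folders that are not 755 (777 is already reported above).
        find "$root" -type d ! -perm 755 ! -perm 777 |
            sed 's/^/DIR-NOT-755 /'

        # PHP files that are not 644. configuration.php is skipped here
        # because the post lists config files separately.
        find "$root" -type f -name '*.php' ! -name 'configuration.php' \
            ! -perm 644 ! -perm 777 |
            sed 's/^/PHP-NOT-644 /'
    } | sort
}

# Run the audit only when a path is given on the command line.
if [ $# -gt 0 ]; then
    audit_joomla_perms "$1"
fi
```

An empty result means every folder and PHP file matches the list; each output line names one path to fix with chmod.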

FTP Info

Avoid storing FTP details in Global Config. They are saved in configuration.php, so if an attacker obtains that file, they can take control of the FTP account and possibly the server.

Hide the configuration.php file (out of the public folder)

http://www.rsjoomla.com/forum/45-rsfirewall/10553-hiding-configurationphp-in-nonpublic-directory.html

Detecting intrusions

Install a Firewall

  • RSFirewall is recommended.
  • It can run a system check to verify file integrity.


MUST Back Up!

Akeeba is a good example.


You can even back up to Dropbox…


And you can install the website on another server.

jomDefender

Hide the Joomla! signature (the traits that identify a site as Joomla!) from public view.

Verify the files in the Joomla! folder (in case the folder has been compromised).
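The file integrity checks mentioned for RSFirewall and jomDefender can be approximated by hand with a hash baseline. This is an added example, not code from either extension or from the original post; the function names are assumptions, and it requires `sha256sum` from GNU coreutils.

```shell
#!/bin/sh
# Added example: hash baseline for a Joomla! folder.
# Store the baseline file outside the web root so an intruder cannot edit it.

# make_baseline ROOT BASELINE_FILE: record a SHA-256 for every file under ROOT.
make_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$2"
}

# check_baseline ROOT BASELINE_FILE: print ADDED/CHANGED/REMOVED paths.
check_baseline() {
    cur=$(mktemp) || return 2
    make_baseline "$1" "$cur"
    awk '
        # sha256sum lines are: 64 hex chars, two separator chars, then the path
        { h = substr($0, 1, 64); p = substr($0, 67) }
        FILENAME == ARGV[1] { old[p] = h; next }   # first file: the baseline
        {
            seen[p] = 1
            if (!(p in old))      print "ADDED " p
            else if (old[p] != h) print "CHANGED " p
        }
        END { for (p in old) if (!(p in seen)) print "REMOVED " p }
    ' "$2" "$cur" | sort
    rm -f "$cur"
}

# Command-line use: sh integrity.sh init|check ROOT BASELINE_FILE
case "${1:-}" in
    init)  make_baseline  "$2" "$3" ;;
    check) check_baseline "$2" "$3" ;;
esac
```

Take the baseline right after a clean install or update; any CHANGED or ADDED PHP file that does not correspond to a known update deserves a look.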


CloudFlare

  • Content Delivery Network
  • Front-line defence for the domain.
  • Avoids scanning by hackers.


Other tips

Please visit http://www.gotsrb.info/Stories/10-security-tips-for-Joomla-website

COURSE

For an explanation from the experts, please attend the following course:

Advanced Joomla! Course: Security
