To be on the safe side
Posted: Sun Jul 23, 2006 3:23 pm
I want to thank all Joomla! developers for their time and effort. I returned from my holiday last sunday and spent a couple of days patching the 5 Joomla! sites under my supervision to 1.10.0. No harm was done to them during my absence because they are not indexed by search-engines.
I suggest 4 steps to be as safe as possible:
1. Keep close track of Joomla! patches, this goes for every component/module/bot you plugged into Joomla! as well.
2. CHMOD all directories and files according the advised settings. Tightens security to the required level.
3. Running on Apache look into the .htaccess file. There is a thread on this forum about this file and it is useful to help you keep the vultures out.
4. Consider the need of being listed in search-engines ... do you really need to be indexed? Since we give Joomla! the credits it deserves we keep the Joomla meta-tag in the header ... giving away the engine identity when indexed by ths search-bots. The scriptkiddies out there just perform a search on Yahoo or whatever and get a nice list of Joomla! sites to go to. Makes ya think, does it not? If you really need the search-engines I suggest you disallow the bots indexing your Joomla! directory and instead make a forwarder index.html in the root with the meta-tags you want to be indexed.
Since English is not my native tongue I hope I made sense, if not, please let me know.
I suggest 4 steps to be as safe as possible:
1. Keep close track of Joomla! patches, this goes for every component/module/bot you plugged into Joomla! as well.
2. CHMOD all directories and files according the advised settings. Tightens security to the required level.
3. Running on Apache look into the .htaccess file. There is a thread on this forum about this file and it is useful to help you keep the vultures out.
4. Consider the need of being listed in search-engines ... do you really need to be indexed? Since we give Joomla! the credits it deserves we keep the Joomla meta-tag in the header ... giving away the engine identity when indexed by ths search-bots. The scriptkiddies out there just perform a search on Yahoo or whatever and get a nice list of Joomla! sites to go to. Makes ya think, does it not? If you really need the search-engines I suggest you disallow the bots indexing your Joomla! directory and instead make a forwarder index.html in the root with the meta-tags you want to be indexed.
Since English is not my native tongue I hope I made sense, if not, please let me know.