[BlueOnyx:02822] Re: Joomla & BO/BQ
Alan Kline
alan at snugglebunny.us
Fri Nov 6 15:17:51 -05 2009
I've been running a Joomla site on my BO box since May, and it does very
well. One thing you *really* want to do is take the configuration.php
file out of your web root directory and put it in a directory above that
(one that can't be accessed by an outside user). The joomla.org website
shows you how to do this in their security checklist under documentation.
Another thing I've done is include a "deny/allow" command in my Apache
site conf file denying access to the /administrator/ directory to all,
then allowing it only to the 2 IP ranges where I'm likely to log in
(home and work). A *lot* of hacker attacks, logically, are to the
administrator directory. Since it's my box and my website, there's no
reason for anyone else to even try to login to the Joomla back end.
Also, be sure to use the .htaccess file that's provided in the Joomla
distribution. They've got some mod_rewrite rules in there that should
block most of the SQL injection attacks that will come your way...
Alan
Jeff Folk wrote:
> I think they are perfectly suited to running CMS style websites. I've
> run Geeklog and Wordpress sites on mine for years. Just follow the
> Joomla instructions, everything is already installed in BQ/BO (make sure
> you have set a root password in MySQL, though...).
More information about the Blueonyx
mailing list