On the weekend of July 26th and 27th nine developers from around the world gathered in Manchester, UK to clean up Joomla's bug tracker. The project's bug tracker had grown unkempt, with hundreds of issues that were stagnant for a long time. Some issues were there for over a year. Moreover, the JoomlaCode issue tracker wasn’t really fit for the amount of growth Joomla had experienced since 2005. It was necessary to put the number of issues under control and move to an improved bug tracker and that was the goal of the Joomla! Bug Sprint.

Joomla!’s temporary off-line mode is a very handy option to temporarily take your site down while performing maintenance —e.g. updating the Joomla! core or an extension— and is even suggested by the official documentation for the unfortunate time that your site has been compromised. However, is this really off-line, or are there any pitfalls you should be aware of?

I promise you, this article doesn't have to do anything with religion. It talks about site security. The beast I am referring to, is unwittingly opening a back door to your site to potential hackers. You may not know it, but you could be a sitting duck. It all lies in the dark world of ownership, users, groups and permissions. This is a long article, but I promise you that you will learn things you would have never imagined. Let us shed some light to the mystery of the 777 number, and kill the evil beast!

With the abundance of e-commerce solutions for Joomla! it is very easy building a great looking on-line store, showcasing your products and effectively convincing your potential customers to add them to the cart. Beautiful images, obvious calls for action, unique selling points and a smooth online shopping experience are easy to setup and help you “seal the deal” with the customer. However, this is only half the story. One of the most overlooked business decisions when building any kind of e-commerce site is the payment method. It’s what affects the very last step of the online shopping experience and the single most frequent reason to lose a sale.

If you were to provide a short list of the threats against your site, which one would be the number one threat? For me, it's script kiddies. Those pesky individuals who don't have a programming bone inside them, but still can cause a great deal of harm to our sites by using pre-packaged attacks against them. Their success rate is amazingly high, mostly due to our fault. The purpose of this article is to demonstrate some trivial techniques to add a degree of stealth on your site so that script kiddies can't launch their attacks and even if they do, they will most likely be fended off successfully. Just like a ninja, you'll learn how to have your site lurk in plain sight without being spotted by those pesky attackers.

On quite a few occasions fellow developers ask me which is the best way to get started with Joomla! Development. Among other things, I always propose that they should have a complete reference of the Joomla! Framework API. The only book which was up to this task was "Mastering Joomla! 1.5 Extension and Framework Development", albeit a bit outdated since it was written when Joomla!1.5 was still in beta, some two and a half years ago. When Packt Publishing announced that they'd release the updated "Mastering Joomla! 1.5 Extension and Framework Development (Update)" I was ecstatic! So, here you go, I reviewed the new edition of the book and I'm willing to share my experience with you.

In our last issue we were discussing about how any Joomla! site belongs to a homogeneous population, why this is bad from a security perspective, and how to avoid that by changing your database table prefix. In this issue, we are going to expand a bit more, by making sure that another set of common characteristics – the Super Administrator user name and ID – are different than those a potential hacker would expect.

When dealing with website security, most web masters think only about fending off potential attacks. However, we are all human. No matter how hard we try, some of the attacks will make it through, and hit our site. Our concern should be making sure that these attacks never cause any real harm to our site. We'll start covering our bases from... the database! In this issue we'll see some working, real-world examples of security measures based on that concept, which take a minimal amount of time and skills to apply to your own site. But, first, what has the database to do with security and your site surviving hacking attempts anyway?

Joomla! is often bashed by unknowledgeable people as insecure. How little they know! The fact is that no system is airtight, unless you do your part to secure it. Most people coward away hearing as much as the word “security” itself. You don’t have to! Securing your site is rather easy, if you know what, where, and how it needs to be completed. This article may only scratch the surface, but will provide you with enough advice to perform a major upgrade in your site’s security in a few, easy steps.

When shopping for Joomla! templates, users very often make their choices based entirely on the look and feel the template presents for their content. A user visits the demo pages of a few template manufacturers, looks around and picks a design to represent the content of a new or existing Joomla! web site. What is often overlooked are the ways in which a template is more than skin deep. A template is much more than a web site design: it actually defines the way the web site elements such as HTML, images, Cascading Style Sheets (CSS) and JavaScript are sent to the web browser. Have you considered the impact of the these elements to your overall user experience?