Passwordless authentication for secure, fast and easy logins in Joomla! 4

December-WebAuthn A Joomla 4 security feature

Joomla! 4 introduces a plethora of new and exciting features. While most of them are very visible, giving you new ways to build and use your sites more easily, there's an abundance of features designed to enhance the security of your site. Today we'll be talking about WebAuthn, a feature that has the unique distinction of belonging in both categories: it makes your site login more secure and easier at the same time.

Continue reading
1
  7858 Hits
7858 Hits

Joomla! Bug Sprint in Manchester

Joomla! Bug Sprint in Manchester

On the weekend of July 26th and 27th nine developers from around the world gathered in Manchester, UK to clean up Joomla's bug tracker. The project's bug tracker had grown unkempt, with hundreds of issues that were stagnant for a long time. Some issues were there for over a year. Moreover, the JoomlaCode issue tracker wasn’t really fit for the amount of growth Joomla had experienced since 2005. It was necessary to put the number of issues under control and move to an improved bug tracker and that was the goal of the Joomla! Bug Sprint.

Continue reading
0
  13634 Hits
Tags:
13634 Hits

How off-line is Joomla!'s off-line mode?

How off-line is Joomla!'s off-line mode?

Joomla!’s temporary off-line mode is a very handy option to temporarily take your site down while performing maintenance —e.g. updating the Joomla! core or an extension— and is even suggested by the official documentation for the unfortunate time that your site has been compromised. However, is this really off-line, or are there any pitfalls you should be aware of?

Continue reading
0
  57260 Hits
57260 Hits

777: The number of the beast

777: The number of the beast
I promise you, this article doesn't have to do anything with religion. It talks about site security. The beast I am referring to, is unwittingly opening a back door to your site to potential hackers. You may not know it, but you could be a sitting duck. It all lies in the dark world of ownership, users, groups and permissions. This is a long article, but I promise you that you will learn things you would have never imagined. Let us shed some light to the mystery of the 777 number, and kill the evil beast!
Continue reading
0
  78208 Hits
78208 Hits

Team EaSE Article: eCommerce - Will they pay...

Team EaSE Article: eCommerce - Will they pay...

With the abundance of e-commerce solutions for Joomla! it is very easy building a great looking on-line store, showcasing your products and effectively convincing your potential customers to add them to the cart. Beautiful images, obvious calls for action, unique selling points and a smooth online shopping experience are easy to setup and help you “seal the deal” with the customer. However, this is only half the story. One of the most overlooked business decisions when building any kind of e-commerce site is the payment method. It’s what affects the very last step of the online shopping experience and the single most frequent reason to lose a sale.

Continue reading
0
  59798 Hits
59798 Hits

Only a Ninja can kill another Ninja

Only a Ninja can kill another Ninja

If you were to provide a short list of the threats against your site, which one would be the number one threat? For me, it's script kiddies. Those pesky individuals who don't have a programming bone inside them, but still can cause a great deal of harm to our sites by using pre-packaged attacks against them. Their success rate is amazingly high, mostly due to our fault. The purpose of this article is to demonstrate some trivial techniques to add a degree of stealth on your site so that script kiddies can't launch their attacks and even if they do, they will most likely be fended off successfully. Just like a ninja, you'll learn how to have your site lurk in plain sight without being spotted by those pesky attackers.

Continue reading
0
  180138 Hits
180138 Hits

The Joomla! Developer's Bible

The Joomla! Developer's Bible

On quite a few occasions fellow developers ask me which is the best way to get started with Joomla! Development. Among other things, I always propose that they should have a complete reference of the Joomla! Framework API. The only book which was up to this task was "Mastering Joomla! 1.5 Extension and Framework Development", albeit a bit outdated since it was written when Joomla!1.5 was still in beta, some two and a half years ago. When Packt Publishing announced that they'd release the updated "Mastering Joomla! 1.5 Extension and Framework Development (Update)" I was ecstatic! So, here you go, I reviewed the new edition of the book and I'm willing to share my experience with you.

Continue reading
0
  32036 Hits
Tags:
32036 Hits

62 reasons to fire your Super Administrator

62 reasons to fire your Super Administrator

In our last issue we were discussing about how any Joomla! site belongs to a homogeneous population, why this is bad from a security perspective, and how to avoid that by changing your database table prefix. In this issue, we are going to expand a bit more, by making sure that another set of common characteristics – the Super Administrator user name and ID – are different than those a potential hacker would expect.

Continue reading
0
  98240 Hits
98240 Hits

The prefix has nothing to do with telephony

The prefix has nothing to do with telephony

When dealing with website security, most web masters think only about fending off potential attacks. However, we are all human. No matter how hard we try, some of the attacks will make it through, and hit our site. Our concern should be making sure that these attacks never cause any real harm to our site. We'll start covering our bases from... the database! In this issue we'll see some working, real-world examples of security measures based on that concept, which take a minimal amount of time and skills to apply to your own site. But, first, what has the database to do with security and your site surviving hacking attempts anyway?

Continue reading
0
  80383 Hits
80383 Hits

Things to do before your site gets hacked

Things to do before your site gets hacked

Joomla! is often bashed by unknowledgeable people as insecure. How little they know! The fact is that no system is airtight, unless you do your part to secure it. Most people coward away hearing as much as the word “security” itself. You don’t have to! Securing your site is rather easy, if you know what, where, and how it needs to be completed. This article may only scratch the surface, but will provide you with enough advice to perform a major upgrade in your site’s security in a few, easy steps.

Continue reading
0
  137657 Hits
137657 Hits