How Secure is Your Website?
I got a call from a panicked agency today... One of their client's sites had been hacked and was sending out phishing emails. They began receiving emails from sites in Seattle, and their domain registrar threatened (and rightly so) to shut down the domain.
Honestly, it's a web development firm's worst nightmare. You'll spend potentially hours tracking down a hacked file and not be able to bill for it (unless of course - the client installed a bad code / form / extension and didn't tell you - happens all the time).
So what steps should you be taking to make sure your website stays secure?
- If you're using a CMS like WordPress, Joomla or Drupal - keep it up-to-date! It is amazing that so many websites are still on Drupal 4 or Joomla 1.5.10 or WordPress 1.6.2. This particular site was hacked using an exploit that was documented over a year ago! Most modern CMSs have extensions or plugins that alert you to updates to the core files. If nothing else - subscribe to the security feed for your CMS.
  - Joomla - http://www.joomla.org/download.html
  - WordPress - http://wordpress.org/news/
  - Drupal - http://drupal.org/forum/8
- Make sure your extensions / plugins are up-to-date. Joomla has over 5,500 extensions. WordPress has thousands - as does Drupal. But this is one area where a hacker can get to you.
  - Once your site goes live - delete all the extensions you're NOT using.
  - Keep a checklist and periodically go to the developer's website to see if there are any updates.
  - Consider setting up a Google Alert for your extensions.
  - Joomla has a list of updated extensions - you should check there periodically for yours - http://extensions.joomla.org/extensions/updated
- Make sure any forms on your site use proper input validation. Any form that people fill in to provide information to you - whether it be a contact us form, or a poll... MUST validate what it receives, to make sure an email address is really an email address - not an SQL injection...
- Require good passwords. As a rule, people shouldn't use dictionary words, names, or other personal data for their passwords - they're too easy for an intruder to guess. A "strong" password is one that uses upper and lower case letters, a number and a special character, e.g. Fe3eX0_!_3
- Limit server access. Only people who really need it should have access to the server. Even then, carefully control each user's level of access. And make sure you delete inactive users as quickly as possible. Again - if you're using a CMS - there should only be one or two "Super Administrators" - and require their passwords to be very strong.
- Keep a complete backup of your Web site. And keep it on a separate, secure computer. If a vandal does manage to destroy or deface your Web site, you'll be able to get a backup version up and running more quickly. Do this regularly - if you update your site consistently - make sure your backup strategy reflects that. At least make sure you're getting the database on a very regular basis.
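The item above about forms, as an added example (not code from the original post): a Python contact-form handler, using the standard-library sqlite3 module, that rejects anything that is not a plain email address and stores accepted values through query placeholders. The table name, field limits, address pattern and sample submissions are assumptions constructed for illustration.

```python
import re
import sqlite3

# Deliberately strict pattern for a contact form (an assumption of this example,
# not a full RFC 5322 parser): one address, no spaces, quotes or control characters.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
MAX_MESSAGE = 2000  # assumed upper bound for the message field


def validate_contact(email, message):
    """Return the names of fields that failed validation; empty list means OK."""
    errors = []
    # fullmatch() means the whole string must be an address, so trailing
    # newlines or extra text after a valid-looking address are rejected too.
    if len(email) > 254 or not EMAIL_RE.fullmatch(email):
        errors.append("email")
    if not message.strip() or len(message) > MAX_MESSAGE:
        errors.append("message")
    return errors


def save_contact(db, email, message):
    """Validate first, then insert with placeholders so values are never parsed as SQL."""
    errors = validate_contact(email, message)
    if errors:
        return errors
    db.execute("INSERT INTO contacts (email, message) VALUES (?, ?)", (email, message))
    db.commit()
    return []


def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE contacts (email TEXT, message TEXT)")
    # Constructed sample submissions.
    samples = [
        ("jane@example.com", "Please call me about hosting."),
        ("x' OR '1'='1", "hello"),                                # not an email address
        ("jane@example.com\nsecond line", "hi"),                  # embedded newline
        ("bob@example.org", "Robert'); DROP TABLE contacts;--"),  # valid; stored as text
    ]
    results = [save_contact(db, e, m) for e, m in samples]
    rows = db.execute("SELECT email, message FROM contacts").fetchall()
    return results, rows


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The last sample shows why both steps matter: free-text fields cannot be restricted to a safe character set, so the placeholder query is what keeps their content from being interpreted as SQL.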
We do provide hosting for our clients at NavigateTomorrow.com - and we follow these guidelines stringently. If you're worried about getting hacked - or your site doesn't follow these rules... talk to us! We'd love to help.


One of the things we're passionate about is training. Yes, we're an internet marketing/web design company... but Rod loves to teach. He's just finished his 115th online training video for OSTraining.com. The topic of this video was JCalPro - a calendar component for Joomla (

