User talk

Difference between revisions of "Mandville"

From Joomla! Documentation

Line 7: Line 7:
 
     * Take your site offline temporarily to prevent others being infected
 
     * Take your site offline temporarily to prevent others being infected
  
     * Run the forum post assistant and security tool
+
     * Run the [http://securehotel.org.uk/files2/category/2-forum-post-tool?download=3%3Ajts-post-10 forum post assistant and security tool]
  
     * Ensure you have the latest version of Joomla
+
     * Ensure you have the [http://www.joomla.org/download.html latest version of Joomla]
  
 
     * Notify your host  
 
     * Notify your host  
  
     * Review Vulnerable Extensions List  
+
     * Review [http://docs.joomla.org/Vulnerable_Extensions_List Vulnerable Extensions List]
  
     * Review and action Security_Checklist to make sure you've gone through all of the steps.  
+
     * Review and action [http://docs.joomla.org/Security_Checklist_7 Security_Checklist] to make sure you've gone through all of the steps.  
  
     * Change all passwords and if possible user names for the domains control panel, mysql, FTP, joomla Super Admin, and joomla Admin password; do change them often.
+
     * Change all passwords and if possible user names for the domains control panel and your Joomla site.
  
 
     * Replace all templates and files with clean copies,
 
     * Replace all templates and files with clean copies,
Line 25: Line 25:
 
     * Use proper permissions on files and directories. They should be max permissions of 644 for files & 755 for folders with no exceptions.
 
     * Use proper permissions on files and directories. They should be max permissions of 644 for files & 755 for folders with no exceptions.
  
For malicious code see this topic http://forum.joomla.org/viewtopic.php?f=466&t=432915&p=1904438
+
For the [http://forum.joomla.org/viewtopic.php?f=466&t=432915&p=1904438 malicious code topic]
 
 
If you feel none of the above applies to you read http://docs.joomla.org/Top_10_Stupidest_Administrator_Tricks
 
 
 
  
 +
If you feel none of the above applies to you read [http://docs.joomla.org/Top_10_Stupidest_Administrator_Tricks these admin tips
 +
]
 
== ignore bit below ==
 
== ignore bit below ==
  

Revision as of 15:23, 5 January 2010

I've been hacked checklist!

Did you use the forum search box for a similar error?

This is a summary of http://docs.joomla.org/Security_Checklist_7

   * Take your site offline temporarily to prevent others being infected
   * Run the forum post assistant and security tool
   * Ensure you have the latest version of Joomla
   * Notify your host 
   * Review Vulnerable Extensions List 
   * Review and action Security_Checklist to make sure you've gone through all of the steps. 
   * Change all passwords and if possible user names for the domains control panel and your Joomla site.
   * Replace all templates and files with clean copies,
   * Check you server logs for IP's calling suspicious files or attempting POST commands to non-form's
   * Use proper permissions on files and directories. They should be max permissions of 644 for files & 755 for folders with no exceptions.

For the malicious code topic

If you feel none of the above applies to you read [http://docs.joomla.org/Top_10_Stupidest_Administrator_Tricks these admin tips ]

ignore bit below[edit]

JOOMLA! Core Features

1 Components Pages 3-9


2 Modules Pages 10-29


3 Plugins Pages 30-41


4 Templates Pages 42-44 JOOMLA! Core Features

1 Components


A Banner B Contacts C Newsfeeds D Polls E Search F Weblinks JOOMLA! Core Features

1 Components

A Banner

The “Banner” component allows the user to manage banners by Categories and Clients. The “Banners Manager” has three tabs, “Banners,” “Clients,” and “Categories.” The “Banners” tab shows a detailed list of active (published and unpublished) banners within the website. It also provides the ability to add new or edit existing banners and their details. The “Clients” tab shows list of clients and their contact details. The “Categories” tab allows whole categories of banners to be organised and “Published” status changed. Each banner is managed individually with various parameters for essential information such as “Impressions Purchased” and “Click URL.” JOOMLA! Core Features

1 Components

B Contacts

The “Contacts” component allows the user to manage a Contacts directory with regard to the Contacts within the web site. The “Contacts” tab shows a detailed list of active (published and unpublished) contacts. It also provides the ability to add new or edit existing contacts and their details. The “Categories” tab allows whole categories of contacts to be organised and “Published” status changed.

JOOMLA! Core Features

1 Components

C Newsfeeds

The “Newsfeeds” component enables the most recent articles from external web sites feeds (e.g. RSS) to be linked to for further reading. The “Feeds” tab contains a detailed list of all active (published and unpublished) feeds within the website. Important information is instantly visible such as “Category,” “# Articles,” and “Cache Time.” The “Categories” tab allows whole categories of feeds to be organised and “Published” status changed. Feeds are managed in categories and have various parameters such as “Number of Articles,” “Cache Time” and ordering.

JOOMLA! Core Features

1 Components

D Polls

The “Polls” component displays a list of all active (published or unpublished) polls on your site. “Polls” are easily managed with parameters such as “Lag” (time between votes) and “Options” for which visitors may vote. JOOMLA! Core Features

1 Components

E Search

The “Search” component provides statistics on searches performed using the Joomla! Search Plugin. The component provides the statistics as a simple list containing “Search Text” compared to “Times Requested,” and by default sorted by “Times Requested.”

JOOMLA! Core Features

1 Components

F Weblinks

The “Weblink” component lists and provides management controls for controlling Web Links displayed in the Front-end of the web site. The “Links” tab displays a list of active (published and unpublished) links organised by category and order. The “Categories” tab allows whole categories of links to be organised and “Published” status changed. Weblinks are managed in categories and have various parameters such as “Target” (e.g. “New Window with Browser Navigation”) and “Description.”

JOOMLA! Core Features

2 Modules


A Archived Content B Banners & Feed C Custom HTML D Breadcrumbs E Footer F Login G Menu H Most Read & Latest News I News Flash J Polls K Random Image L Related Items JOOMLA! Core Features

2 Modules


M Search N Sections O Statistics P Syndicate Q Who's Online R Wrapper


JOOMLA! Core Features

2 Modules

A Archived Content

The “Archived Content” module allows the positioning of a display of Content Items that have been Archived by a Publisher or above. The Content Itmes are available behind a Month/Year directory list. The Items are sorted by creation date not archival date. Only those Months/Years with Content Items created in them will be displayed so there will not be a list of empty directories.

JOOMLA! Core Features

2 Modules

B Banners and Feed

Both the “Banners” and “Feed” modules are the front-end display mechanism for their respective components. Both can be configured to display specific items on specific pages. Standard module parameters such as “Menu Assignment” and “Details” are available. JOOMLA! Core Features

2 Modules

C Custom HTML

The “Custom HTML” module allows the creation of a custom module. “Custom HTML” modules may contain any HTML based content, including text, images and links.

JOOMLA! Core Features

2 Modules

D Breadcrumbs

The “Breadcrumbs” module allows the adition of breadcrumbs to the websites front-end. Breadcrumbs are a navigation aid commonly used in user interfaces. The breadcrumbs give users a way to keep track of there location within the web site. JOOMLA! Core Features

2 Modules

E Footer

The “Footer” module shows the Joomla! Copyright information in the following form. “Copyright © YYYY [Site Name Here]. All Rights Reserved.” “Joomla! is Free Software released under the GNU/GPL License.”

JOOMLA! Core Features

2 Modules

F Login

The “Login” module displays the required fields to login, without navigating to a new page. Default visible fields include “Username,” “Password,” and “Remember Me.” Various parameters are available to change what extra options are available, such as “Remember Me.” JOOMLA! Core Features

2 Modules

F Menu

The “Menu” module displays a menu that is defined from within the Menu Manager. All Joomla! web sites have a “Main Menu” which cannot be deleted. The “Menu” module allows new menus to be displayed in other positions. The module has various parameters including “Menu Name,” “Menu Style,” and sub-menu item preferences.

JOOMLA! Core Features

2 Modules

G Most Read & Latest News

Both the “Most Read” and “Latest News” modules display a list of links to either the most read articles or the most recently added articles. Both are easily managed with parameters to limit the scope to certain sections and/or categories. Standard module parameters such as “Menu Assignment” and “Details” are available.

JOOMLA! Core Features

2 Modules

H News Flash

The “Newsflash” module displays Content Items from a specific Section/Category list. Standard module parameters such as “Menu Assignment” and “Details” are available.

JOOMLA! Core Features

2 Modules

I Polls

The “Polls” module is the front-end display mechanism for the “Polls” component. Together, the “Polls” module and component can be configured to show specific polls on specific pages. Standard module parameters such as “Menu Assignment” and “Details” are available.

JOOMLA! Core Features

2 Modules

J Random Image

The “Random Image” module displays a random image from the contents of a specific image folder. This folder is set via the parameters dialoge. Standard module parameters such as “Menu Assignment” and “Details” are available in addition to certain “Advanced Parameters.”





JOOMLA! Core Features

2 Modules

K Related Items

The “Related Items” module utilises the meta-data associated with each piece of content. The module will display content items with the same keywords, and therefore of a similar subject, giving the user added value to the amount of detail that are able to obtain from a web site. Hence, it is important to ensure that the keywords accurately reflect the specific content in every item, otherwise the advantages are rapidly lost and will significantly detract from the user experience. Less is definitely more (provided they are accurate).

JOOMLA! Core Features

2 Modules

L Search

The “Search” module provides the user with the ability to instantly perform a basic search from their current location and to be taken directly to the results. This removes the need to navigate to a search dialogue.





JOOMLA! Core Features

2 Modules

M Sections

The “Sections” module shows a list of all Article Sections configured in the your web sites database. If the parameter “Show Unauthorised Links” is set to No, the list will be limited to the Sections the User's access level permits them to see.

JOOMLA! Core Features

2 Modules

N Statistics

The “Statistics” module displays a basic list of information about the server and Joomla! Installation. Information displayed includes Server OS, PHP Version, MySQL Version, Time, Caching, GZIP, Members, Content, Weblinks, and Content View Hits.

JOOMLA! Core Features

2 Modules

O Syndicate

The “Syndicate” module displays a pictorial list of all the Feed types that are available for the web site. The module works in conjunction with the Syndicate Component where the actual feed details are configured. A website user wishing to add the fee would them simply need to right click the module image and copy the link location to their News Feed reader, or as is more common these days, use their News Feed reader or Browse to automatically add the Feed.

JOOMLA! Core Features

2 Modules

P Who's Online

The “Who's Online” module provides a basic display of the number of Guests (unregistered vistors) and how many members (registered users that are logged in) are connected to the website at the time the web page was queried. The module can be set to display the names of the Members who are logged in.

JOOMLA! Core Features

2 Modules

Q Wrapper

The “Wrapper” module wraps another web page directly into the website at a specific location determined by the module position. The web page is inserted as an inline frame into the web site layout template. The module can be used to display another web site, but also alternative pages from within the website is is installed upon, as well as allowing completely independent applications and scripts to be run on the web site and output their displays/information as if an integral part of the website. JOOMLA! Core Features

3 Plugins


A Authentication (Joomla!, LDAP, OpenID, GMail) B Cache C Code Highlighter (GeSHi) D Email Cloaking E Editors (TinyMCE 2.1 & Xstandard Lite for Joomla!) F Editors-XTD (Image, Page Break, Readmore) G Legacy H Rating I Search (Categories, Newsfeeds, Sections, Contacts, Content, Weblinks) J SEF K XML-RPC (Blogger API, Joomla! API)

JOOMLA! Core Features

3 Plugins

A Authentication (Joomla!, LDAP, OpenID, GMail)

The “Authentication” plugins add different form of user authentication to your site. The Joomla! Authentication plugin involves initially registering at the web site and then confirming your identity through a confirmation email. The OpenID and GMail Authentication plugins use prexisting databases to authenticate the user. By signing in with a GMail or OpenID account, steps will be eliminated from the registration process. By default, only the Joomla! Authentication plugin is enabled.

JOOMLA! Core Features

3 Plugins

B Cache

The “Cache” Plugin provides page caching functionality. This reduces server load and lag. By caching the pages, new pages do not have to be generated as often, however, the benefits of caching require high traffic levels to be noticable.

JOOMLA! Core Features

3 Plugins

C Code Highlighter (GeSHi)

GeSHi is an Open Source syntax highlighter program that helps illustrate different code languages such as PHP, JavaScript, HTML, each in a different colour, to assist with the readability of a code entry in a Content Item. This code entry must be encased within a

...

element that defines a block of preformatted code.

In this Plugin form, GeSHi is installed with the ability to highlight CSS, HTML4 (strict), JavaScript, PHP, PHP brief, MySQL, SQL, and XML. [code] < ?php function simpsonf($x){ // returns f(x) for integral approximation with composite Simpson's rule    return(pow((1+pow($x, (-4))), 0.5)); } function simpsonsrule($a, $b, $n){ // approximates integral_a_b f(x) dx with composite Simpson's rule with $n intervals // $n has to be an even number // f(x) is defined in "function simpsonf($x)"    if($n%2==0){       $h=($b-$a)/$n;       $S=simpsonf($a)+simpsonf($b);       $i=1;       while($i <= ($n-1)){          $xi=$a+$h*$i;          if($i%2==0){             $S=$S+2*simpsonf($xi);          }          else{             $S=$S+4*simpsonf($xi);          }          $i++;       }       return($h/3*$S);       }    else{       return('$n has to be an even number');    } } ? > [/code] JOOMLA! Core Features

3 Plugins

D Email Cloaking

The Email Cloaking plugin adds a layer of security to email addresses contained inside Content Items and Contacts. The plugin uses JavaScript to effectivly hide the email address when an email address appears as one of the following: address@mydomain.com <a xhref=“mailto:address@mydomain.com”>address@mydomain.com</a> <a xhref=“mailto:address@mydomain.com”>mail Admin!</a> All would be cloaked by the functionality of this plugin.


JOOMLA! Core Features

3 Plugins

E Editors (TinyMCE 2.1 & XStandard Lite for Joomla!)

Both the TinyMCE 2.1 and the Xstandard Lite for Joomla! plugins are WYSIWYG (What You See Is What You Get) editors. They allow for the creation of Content Items and editing descriptions among other tasks. TinyMCE 2.1 is both the default and most feature rich editor. It offers all the features that are needed for standard use. The default editor may be set from the “Global Configuration” dialoge.


TinyMCE 2.1 Toolbars JOOMLA! Core Features

3 Plugins

F Legacy

The “Legacy” Plugin adds Legacy support for Joomla! 1.0. This Plugin allows existing components, mambots, templates and modules to function in Joomla! 1.5. By default, the “Legacy” Plugin is disabled, but can be enabled if required. It is recommended to use extensions that run natively in Joomla! 1.5. JOOMLA! Core Features

3 Plugins

G Editors-XTD (Image, Pagebreak, Readmore)

These Plugins add important functionality to the front-end for viewing content and the back-end for enabling and configuring this functionality. The Image Editor-XTD Plugin displays a button to make it possible to insert images into an Article. The button causes a popup to be displayed allowing you to configure the image's properties, and to upload new image files. The Pagebreak Editor-XTD Plugin provides a button to enable a pagebreak to be inserted into an Article. A popup allows you to configure the settings to be used, such as “Title.” The Readmore Editor-XTD Plugin enables a button to be available that allows you to easily insert the “Read more...” link into an Article.

JOOMLA! Core Features

3 Plugins

H Rating

The “Search” Plugin adds the functionality of a reader rating system to the Content Items in the Front-end of the web site. This is the sequence of 5 image objects that are “lit up” in accordance with the seletions made by the Users in the Front-end. By default, this Plugin is not enabled.

JOOMLA! Core Features

3 Plugins

I Search (Categories, Newsfeeds, Sections, Contacts, Content, Weblinks)

The various “Search” Plugins enable the Search component to search all types of content on your website. The different plugins are for each type of content, allowing the enabling and disabling of searching the different types of content. Through using this methodology, content stored and managed by third party components can be searched if an appropriate plugin is made available.


JOOMLA! Core Features

3 Plugins

J SEF

The “SEF” Plugin adds Search Engine Friendly functionality to the URL links of content items. It operates automatically once published and enabled in the Global Configuration. The plugin operates directly on the HTML code and does not require special tagging to be added by a user.

JOOMLA! Core Features

3 Plugins

K XML-RPC (Blogger API & Joomla! API)

The “XML-RPC” (Extensible Markup Language – Remote Procedure Call) Plugin adds XML-RPC functionality to Joomla! The “XML-RPC Blogger API” allows third party applications, such as w.bloggar, to talk to Joomla!, giving the user the ability to remotely edit, add, delete and publish content items. The “XML-RPC Joomla! API” adds further Joomla! specific functionality through compliant third party applications. JOOMLA! Core Features

4 Templates


A RHUK Milkyway B Beez JOOMLA! Core Features

4 Templates

A RHUK Milkyway

The “RHUK Milkyway” template is the default template for a Joomla! Installation. The clean design of this template makes it very lightweight and fast. The template has three parameters for setting the “Colour Variation,” “Background Variation,” and “Template Width.”

JOOMLA! Core Features

4 Templates

B Beez

The “Beez” template is a template that has been designed with particular attention to the standard conformables code, accessibility and flexibility. This template is an exmaple to demonstrate the new accessibilty features in Joomla! 1.5. It serves as a basis and can be modified and extended as much as you wish.









www.joomla.org