Joomla 3.X Global Settings Part III Server Settings

Similar documents
Installing Joomla

Joomla 3.X User Manager

WebDAV. Overview. File Permissions and Management. Authentication Methods

PHPBasket 4 Administrator Documentation

About the Tutorial. Audience. Prerequisites. Copyright & Disclaimer. Joomla

Joomla Pre-install Tasks

CUSTOMER CONTROL PANEL... 2 DASHBOARD... 3 HOSTING &

SOFTWARE INSTALLATION README

K-RATE INSTALLATION MANUAL

Publish Joomla! Article

Publish Joomla! Article

User s Guide April 2017

Joomla 3.X Global Configuration

Introduction to Security in Laserfiche 8.3 and later. White Paper

A. Any Corps employee and any external customer or business partner who receives an invitation from a Corps user.

KEIL software. Index of contents INSTALLATION

HelpAndManual_illegal_keygen Contactor Elite Autoresponder Installation Guide

Using BlueStep Data Vault with WebDAV

Policy Settings for Windows Server 2003 (including SP1) and Windows XP (including SP2)

WebAnalyzer Plus Getting Started Guide

Installation guide for Choic Multi User Edition

VirtueMart Top Ten Module

MySQL: Access Via PHP

Joomla 2.5 Kunena Component Installation

Automated Installation Guide for CentOS (PHP 7.x)

VIVVO CMS Plug-in Manual

Kollaborate Server. Installation Guide

User Manual. version 1.6-r1

Crystal Enterprise. Overview. Contents. Web Server Overview - Internet Information System (IIS)

Table of Contents. 1. Installation 3 2. Configuration 4 3. How to create a custom links 9 4. More Information 11

Joomla! custom reports using TinyButStrong

Web Hosting Control Panel

MailEnable Connector for Microsoft Outlook

Grapevine web hosting user manual. 12 August 2005

SharePoint General Instructions

BIG-IP DataSafe Configuration. Version 13.1

Roxen Content Provider

Microsoft Dynamics CRM Integration with Bomgar Remote Support

As a first-time user, when you log in you won t have any files in your directory yet.

2 P age. Pete s Pagebuilder revised: March 2008

CONTENTS IN DETAIL INTRODUCTION 1 THE FAQS OF LIFE THE SCRIPTS EVERY PHP PROGRAMMER WANTS (OR NEEDS) TO KNOW 1 2 CONFIGURING PHP 19

Moodle Plugin for CopySafe Web -- Installation for Moodle 3.5 and later --

WEB CREATOR PAGES MANAGER

Create and Apply Clientless SSL VPN Policies for Accessing. Connection Profile Attributes for Clientless SSL VPN

Web Hosting Control Panel

User Manual Version

Electronic Committees (ecommittees) Frequently Asked Questions v1.0

Use the login credentials and the primary domain name that were sent to you on account activation.

Joomla User Guide Ver 3

To register as a publisher, please visit the link provided to you by your system owner and provide your full name and address:

Chatter Answers Implementation Guide

Microsoft Dynamics CRM Integration with Remote Support

Technical Intro Part 1

User Guide POPUP PLUS FOR MAGENTO 2. Version: Release Date: Product Page: Popup Plus. Support:

How SMART (Secure Malware Alert and Removal Tool) Works

Basic, Step-by-Step Installation Manual

BOLT eportfolio Student Guide

Integrating Mahara with Moodle running under https

MailEnable Connector for Microsoft Outlook

Digitized Engineering Notebook

Appliance Installation Guide

Installation & Configuration Guide Enterprise/Unlimited Edition

Information for Domain Admin & Web Admin. Version v 2.0

Highwinds CDN Content Protection Products. August 2009

End-User Reference Guide Troy University OU Campus Version 10

Website Backend Manual

Pardot Setup Implementation Guide

Managing System Administration Settings

User Inputs for Installation

DIRECTORY UPDATE V3.0 Quick Start Guide

kalmstrom.com Business Solutions

About the Tutorial. Audience. Prerequisites. Copyright & Disclaimer. Drupal

IBM emessage Version 9 Release 1 February 13, User's Guide

Password Reset PRO INSTALLATION GUIDE

MANAGEMENT AND CONFIGURATION MANUAL

User Guide. 3CX Enhanced Billing Codes. Version

Secret Server Web Services API Guide

Moodle Plugin for CopySafe PDF

KYOCERA Net Admin User Guide

1 Login AppServ Hosting Control System

VirtueMart Product Scroller Module

Ricoh Managed File Transfer (MFT) User Guide

File Upload Instructions Customer Access To Transcript Bulletin Publishing s FTP Site

Webshop Plus! v Pablo Software Solutions DB Technosystems

Bitnami Dolibarr for Huawei Enterprise Cloud

Remote Support 19.1 Web Rep Console

Copyright Maxprograms

PF4 Google Calendar Synchronisation

It is a Joomla! component add on to the Community Builder (CB) system intended to allow flexible ing to defined user lists.

Sophos UTM Web Application Firewall For: Microsoft Exchange Services

Colligo Engage Outlook App 7.1. Offline Mode - User Guide

BRIGGS & VESELKA CO. ProSystem fx Portal. Client Portal Admin User Guide

eportfolio Support Guide

Embedded101 Blog User Guide

Online CD Library (OCDL):

IBM Campaign Version-independent Integration with IBM Engage Version 1 Release 3.1 April 07, Integration Guide IBM

Administrative Training Mura CMS Version 5.6

BMC FootPrints 12 Integration with Remote Support

Chatter Answers Implementation Guide

IIBA Chapter Website: Quick Start Guide Version 1.3

Transcription:

Joomla 3.X Global Settings Part III Server Settings Diagram 1 Path to Temp Folder: This is a text box adjacent to this prompt which holds the path to Joomla s temp folder on the web server. This is the folder in which Joomla stores its temporary files which are created when some code or the other is processed on the web server. The contents of this text box get filled in when Joomla is installed. If required Joomla can be instructed to use a completely different folder in which to store its temporary files while executing any of its programs on the web server. To do this, create a folder wherever desired on the Web server and enter the relative path to the new folder in this text box. Gzip Page Compression: This is a switch that informs Joomla to use a PHP built in library and zip the output of the web page ( i.e. compress the output ) prior the output being delivered to a requesting Browser. Since the output file is compressed ( i.e. GZIPped ) this can reduce the time it takes a web page to download to the Browser. At the same time, this increases the Web server work load, because this requires the Web server to compress data for every page delivery to a Browser. The default setting is No. Error Reporting: This is a drop down list box via which the website owner can change the amount of error reporting that Joomla does. In production sites, it's recommended to set this as low as possible. Hackers can use the information produced by error reportage to find security holes in the website. These are the options available in the Error Reporting drop down list box: System default None Simple Maximum Development 1

During the website development stage, set error reporting to Maximum. After the website is completed / tested and live, set error reporting to System default or None as seen fit. At Joomla install time error reporting is set to System Default. Force SSL: This is a drop down list box via which the website owner can instruct Joomla to force SSL ( i.e. Secure Socket Layer ) communications to occur between the Web server and the requesting Browser. The choices available via the Force SSL drop down list box are None, Administrator Only, Entire Site. When Force SSL is set, access to those areas of the Joomla website can only be done by using https://. Turn this on only if the Web server supports such an option. At Joomla install time, the setting is None. Location Settings Diagram 2 Server Time Zone: This is a drop down list box via which the website owner can select the current time for the Web server. The time set should be based on where the Web server is physically located. The time set at the time of Joomla install is Universal Time, Coordinate (UTC). To change this click on the drop down list box and select the time of your choice based on the physical location of the Web server. FTP Settings Diagram 3 NOTE: FTP stands for File Transfer Protocol. All these settings can be set during Joomla installation. 2

Enable FTP: This is a switch that tells Joomla to use its built-in File Transfer Protocol libraries instead of the normal upload process used by PHP. FTP Host: Enter the name of the ftp host in the text box adjacent to this prompt. This is always the name of the website i.e. www.mywebsite.com FTP Port: Enter the number of the of the FTP port in use on the Joomla 3.X website in the text box adjacent to this prompt. The default FTP port of any Web server is port 21. Hence enter 21 in this text box. FTP Username: Enter the FTP Username in the text box adjacent to this prompt provided by your hosting provider, OR enter any FTP user name of your choice. This will the username you will use to access the Joomla FTP account. FTP Password: Enter the FTP Password provided by your hosting provider, OR any password of your choice in the text box adjacent this prompt. The same password will have to be used to access this Joomla FTP account. FTP Root: Enter here the physical location ( i.e. the root directory of your website on the server ) of the folder that you want the FTP account to connect to on your Web server. If you are not sure which is the root directory of you website, you can contact you host provider and ask. Database Settings Diagram 4 NOTE: Database details are filled in to each of these text boxes during Joomla installation as shown in diagram 4. 3

Database Type: This is a drop down list box that has two choices of Database Type, MySQL and MySQLi. Joomla 3.X recommends the use of MySQLi. This is the choice set at Joomla 3.X installation time. Hostname: The text box adjacent to this prompt is normally loaded with localhost during Joomla 3.X installation process. Typically localhost is entered here for most Joomla installations (or 127.0.0.1). This is because most often the Joomla database is located on the very same Web server as is the Joomla CMS. However, it is quite possible for the hostname to point to a completely different Web server altogether should the Joomla database in use be located physically on a Web server other than the one on which the Joomla CMS is installed. Username: The text box adjacent to this prompt is normally loaded with the MySQL username, entered at the time when Joomla 3.X was being installed. Database: The text box adjacent to this prompt is normally loaded with the MySQL database name, entered at the time when Joomla 3.X was being installed. Database Tables Prefix: The text box adjacent to this prompt, displays a randomly generated ( by Joomla ) database table name prefix. This is the prefix that Joomla will use prior each of its table names when its tables are created and populated during the Joomla 3.X installation process. This is largely for security purposes. Since Joomla is an Open source, free to use by all, CMS, its table structures and names are in public domain. This makes it easier for hackers to gain access to Joomla websites. By adding a randomly generated table name prefix, Joomla makes each installations database table names unique and hence a ton more difficult for a hacker to access Joomla tables in each Joomla CMS installation. 4

Mail Settings Diagram 5 Mailer: This is a drop down list box via which the web owner can instruct Joomla which type of Web server based, Mail process, must be used by Joomla CMS to deliver User or Administrator Emails from the website. The choices are: PHP Mail Sendmail SMTP Joomla CMS can use any of these three methods to dispatch Email from the Web server. PHP Mail If this option is selected Joomla will use the mail function that is built into PHP and is the simplest way of sending Emails from the webserver. Sendmail - If this option is selected Joomla will use the Sendmail program, almost always installed and live on a Web server, which is typically used when dispatching HTML based email forms via Email. This requires the correct Sendmail path to be entered to be entered into the text box adjacent to this prompt. SMTP - If this option is selected Joomla will use the Web site's SMTP server to send Email. This is the most secure way of mailing. This requires entering all the SMTP login details in the text box adjacent this prompt. 5

From Email: Enter a legitimate Email Id in the text box adjacent this prompt. Joomla will use this Email ID as the From Email ID when it dispatches website Email(s) via any of the three methods chosen via the drop down list box adjacent the Mailer prompt. This Email ID will be visible in the recipient s mail client via which they can identify who sent them the Email. Sendmail Path: In the text box adjacent this prompt enter the path where the Sendmail program is located on your Web server. This text box is typically filled in by Joomla during its installation process. NOTE: This is only used if Mailer is set to Sendmail. SMTP Authentication: This is a switch via which a website owner can inform Joomla whether the SMTP Mail server on the website requires authentication to send Mail or not. If the Mail server run on your Web server does not require authentication ( i.e. A Login ID and Password ) prior it being accessed then set the switch to No. If the Mail server run on your Web server does require authentication ( i.e. A Login ID and Password ) prior it being accessed then set the switch to Yes. At Joomla install time this switch is set to No. NOTE: This is only used if Mailer is set to SMTP. SMTP Security: This is a drop down list box via which the web site owner informs Joomla of the type of security to be used when sending Email to site visitors. Type of security options are SSL and TTL. At Joomla install time this is set to None. NOTE: This is only used if Mailer is set to SMTP. SMTP Username: In the text box adjacent to this prompt enter the username to be used when Joomla accesses the SMTP host. NOTE: This is only used if Mailer is set to SMTP. SMTP Port: In the text box adjacent to this prompt enter the SMTP port number. Most unsecure SMTP servers use port 25 and most secure SMTP servers use port 465. If you are not sure of what port number to enter here, contact your hosting company and they will give you the correct port number to use. This is only used if Mailer is set to SMTP. SMTP Username: In the text box adjacent to this prompt enter the username to be used by Joomla to access to the SMTP host. This is only used if Mailer is set to SMTP. SMTP Password: In the text box adjacent to this prompt enter the password to used by Joomla to access to the SMTP host. This is only used if Mailer is set to SMTP. SMTP Host: In the text box adjacent to this prompt enter the SMTP HOST address to be used by Joomla when sending mail. This is only used if Mailer is set to SMTP. 6

Permission Settings Diagram 6 NOTE: Before making any changes do read the Notes 1 & 2 written at the bottom of the Permission Settings page. Notes 1 & 2 contain the following information. 1. If you change the setting, it will apply to this and all child groups, components and content. Please note that: Inherited means that the permissions from the parent group will be used. Denied means that no matter what the parent group's setting is, the group being edited cannot take this action. Allowed means that the group being edited will be able to take this action (but if this is in conflict with the parent group it will have no impact; a conflict will be indicated by Not Allowed (Locked) under Calculated Settings). Not Set is used only for the Public group in global configuration. The Public group is the parent of all other groups. If a permission is not set, it is treated as deny but can be changed for child groups, components, categories and items. 2. If you select a new setting, click Save to refresh the calculated settings. NOTE: It s a good idea that none of the Permission Settings are changed by anyone during website create / test phase. The Joomla default settings are normally pretty effective in controlling the access to all website information even after the website goes live. If these settings have to be changed /set then they should be done by someone who is a Joomla professional and knows exactly what they are doing. 7

Text Filter Settings Diagram 7 Joomla websites are dynamic and permit / encourage site visitors to engage with the website owner in many different ways. One way is by having the site visitor fill in a HTML form delivered via a Joomla web page. Once the site visitor, fills in the form and clicks a Submit button the information entered in to the form is returned and stored with a database table on the Joomla website. While this is great for site visitor and site owner interactivity, it is also a technique that hackers use to deliver rogue data into a Joomla website. Once this is done ( i.e. Their rouge data gets stored in Joomla s database tables) they have techniques via which they can activate this rogue data and hack into and take over the Joomla website. Since the Joomla core team is aware that happens they have provided Text Filter Settings at Joomla Global configuration level. Using the Text Filter Settings a website owner has definite control over exactly what information can be entered by site visitors into all forms delivered by the Joomla website. Thus the website owner can filter / control the insertion of rogue data into Joomla s database tables. As website owner one can be as strict or as liberal as required via the Text Filter Settings when accepting input from different content providers to suit the website needs. Text filtering is opt-in. The default settings done at the time of Joomla installation actually provide pretty good protection against rogue HTML code commonly associated with malicious Web site attacks. 8

There are five filter types: 1. Default Black List: These are HTML tags and Attributes that have been built-in to the Joomla CMS core. When Default Black list is chosen via the drop down list box adjacent the Filter Group prompts this prevents any Joomla delivered form from accepting all of HTML tags and attributes entered in the Default Black List. Tags for the Default Black List include: applet, body, bgsound, base, basefont, embed, frame, ilayer, layer, ink, meta, name, object, script, style, title, xml Attributes for Default Black List include: action, background, codebase, dynsrc, lowsrc 2. Custom Black List: When Default Black list is chosen via the drop down list box adjacent the Filter Group prompts All the HTML Tags entered into the text box beneath the label Filter Tags And All the HTML Attributes entered into the text box beneath the label Filter Attributes Override the Default Black List. 3. White List: When White list is chosen via the drop down list box adjacent the Filter Group prompts this accepts only: All the HTML Tags entered into the text box beneath the label Filter Tags And All the HTML Attributes entered into the text box beneath the label Filter Attributes 4. No HTML: When No HTML is chosen via the drop down list box adjacent the Filter Group prompts this strips all HTML tags and their attributes submitted via any/all Joomla forms delivered via the Joomla website 5. No Filtering: When No Filtering is chosen via the drop down list box adjacent the Filter Group prompts this ensures that Joomla will apply no HTML or HTML attribute Text Filtering to any of the content submitted to the Joomla website any / all of the forms delivered by the Joomla website. NOTE: Do register that Text Filtering is applied to various Joomla groups either internal to Joomla CMS or defined additionally by the website owner when necessary. 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback