Tag Archives: joomla

Prevent hacking – care and maintenance of your site

spiders anIt’s funny you never think about it until its far too late. I get called at odd hours with panicked clients  “somethings wrong with my website “ or worse  “Help my sites been hacked !”  -these are the words you really don’t want to here late on a friday afternoon , or when your in the middle of a big project.

Let’s face it having your site hacked is really no fun.. no fun at all, so why not take a moment to prevent your site from being hacked ? and if you haven’t got the time employ someone who does or get a staff member unskilled so you can do it in-house. At the end of the day if a few hours work prevent the pain its well worth it.

Why did my site get hacked ?

The good news is its probably not personal, then again if you’ve just finished suing your old web designer it might be ( I had a client who was in that position..). Its most likely its was there you might not be aware of just how much hacking there is for a little perspective  try reading this: the internet of things has been hacked in where bots (web robots) were used to send a bucketload of  spam emails. The likelihood thats your sites been hijacked to send spam is pretty high.


CMS (wordPress, Joomla or Drupal) have exploits, and most modern sites use one of theses three open source CMS, I recommend them, most digital systems have exploits nothing is “uncrackable” or “unhackable”. I’m going to offer some simple tips to make sure your site stays online and as clean as possible, no voodoo just simple common sense.  All of theses things are industry “best practice”

5 steps to care and maintance

  1.  Make a backup –  A simple backup plugin should at the very least send you a zipped up file of your site I recommend this is done automatically on a schedule.  If your whole site gets demolished you have a copy.
  2. Stay updated –  As fast as an exploit is found you can bet theres a bunch of people working in the open source coding industry to try and fix it. Often updating is as simple as clicking a button.   make sure you have a backup before you update.. just in case something goes terribly terribly wrong.
  3. Strong passwords – I know they are a hassle but most sites get hacked by whats called a  “brute force attack ” Though is sounds like someone beating up your sever with a baseball bat, what that really means is that a bot is attempting to get into your login .A bot  will try user names and passwords over and over again, until it gets in. So Its obvious its going to try  admin and test1234 <-theses are not strong passwords. I’ve also seen bots  scrape the content from a site and use that to try get into a site, they get smarter every year.  Use a capitol letter or three and some numbers and or special characters  like %*^  or alternatively a really long nonsensical phrase  (see xcd for explanation and a laugh)

  4. Lock the windows – forms are often windows into a site, you may have many or none. Most of us have at least a simple contact us form. WordPress has a comment system  every comment is sent via a form. If its not necessary why even leave that open to spam and other risks?  I use a simple plugin called Disable Comments saves my the hassle of having to clear out spam comments.
  5. Security plugins –  If your really worried install a security plugin. there are heaps out there and for the most part they are pretty good. Some will send you a notification of every attempt to hack your site, sounds good? No, within a day you’ll be swamped with emails. Fascinating at first because of the amount of information you can see in them, but  after a while its just a bit too much.
    Others will automatically deny bots it thinks are malicious – However I had one that blocked out google and I was not impressed.

I hope this information was helpful go forth and maintain your site !  But if your too scared, or you simply don’t have time feel free to ask for a web site maintenance and tune up.


Joomla Template ~Case Study

Well I’m working on a small site for an event -the client needs to update the site themselves so I’m looking at joomla for this one. I wanted to step through the process bit by bit so here goes.

front page - screen shot
1) In the beginning
the inital website is static html – i’ve take a few screen grabs the code itself is pretty clean but in evaluating what the client needs I’ve made the decision to use a cms (content management system ) heres some key reasons why.



Why use a CMS?About - screen shot

  • Client wants to update site themselves
  • Investing in structure (long term maintainability and flexibility)
    -notice the menus on each page are different  -thats because its easy to get inconsistencies in static html..the pages are all separate a cms uses one template to present content  and avoids this .
  • -once a CMS is in place its easy to redesign, tweek add more sections
  • Added functionality
    -ability to add shops, calendars, social networking  hookups etc
  • More than 10 pages

Theres many more reasons  but theses are my key indicators


Redcarpet-screen shotWhich CMS?

Well I dont want to start a war… but i tend towards open source CMS because i find there easy to use, theres lots of documentation and I can change them if i need to !  Essentially it boils down to  the three major players:

Theres a really good article about why youd choose one over the other  in cartoon form !  wordpress vs drupal vs joomla. This  site is a wordpress site  and its a very easy platform to use.. I use wordpress for clients who are not tech savey.. joomla for larger  clients . Im not going to say one is better than the other I choose on a case  by case basis.


2) Design

In this case I used photoshop to  convert some artwork supplied by the client into the framework for the site.I wanted

Original artwork by

Original artwork by

a consistency with her other media   – once the client approves it , I start to slice up the art and code. Making it first as static html. I then used Adobe browser lab to cross test  – making sure it works on a variety of different browsers  (ie6-9, firefox,chrome safari). Then validate it , that is check the code on the wc3. Having done al the hard work all  i then have to do is convert it to a Joomla template , I’ll spare you the gory details of that process.

3) Install

So meanwhile I have had my client putting there basic information into Joomla, Setting up basic pages and catagory’s. I install the finished template and bang we have a pretty website! Not only is it pretty but the client can update it themselves!

We make a few tweeks add a few pluggins  , since this site is workshop driven im using one called  “event manger”  that allows people to book online, sends reminders and catalogues all the participants  so when the event happens the client no longer has to  manually put all that information into a spreadsheet. Hook up a google map, pop in some video and  launch.

“right CMS = happy client”

So heres some screenshots of the finished product or better yet go see the site for yourself.

Screen shot -Trance and tribal festival

Detail on workshop pages

Scren shot 2 - trance and tribal fest

Trance And Tribal Festival