JTS 92% - Joomla! Forum - community, help and support
hi!
i installed , run jts on joomla 1.0.13. first value 92%. saw astatspro not have (_validmos...) thing. removed it. furthermore, i've set folders 755 , files 644.
yeah, know, really... cool. 
so, baically, everythig read-only. got false positives joomlapack (2 zip files necessary create installer), 2 zip files (backups), , joomlacomment (logo.jpeg). jpeg... says script. cpanel says so, because downloaded file check out. intelligible thing "< created ig...." in file header. looked @ picture, , looks legit me. possible somene changed mime settings. have shared host. mime settings legit. have sh404sef enabled (is there known exploit or myth?) , .htaccess file has (by thefault) anti-exploit code.
hell, i've put .htaccess file in /administrator folder allowing ip only. use rather strong pass. user registration enabled, captcha , e-mail confirmation. have categories registered users , content set registered (to avoid cross-settings). php safe mode off. register globals off. emulate register globals off. in nutshell, did taught should do. still, 92%.
what's there more? maybe remaining 8% due 3rd party extensions, modules , bots.
so... site safe? i'm new joomla! (1 month old, actually).
i installed , run jts on joomla 1.0.13. first value 92%. saw astatspro not have (_validmos...) thing. removed it. furthermore, i've set folders 755 , files 644.
yeah, know, really... cool. so, baically, everythig read-only. got false positives joomlapack (2 zip files necessary create installer), 2 zip files (backups), , joomlacomment (logo.jpeg). jpeg... says script. cpanel says so, because downloaded file check out. intelligible thing "< created ig...." in file header. looked @ picture, , looks legit me. possible somene changed mime settings. have shared host. mime settings legit. have sh404sef enabled (is there known exploit or myth?) , .htaccess file has (by thefault) anti-exploit code.hell, i've put .htaccess file in /administrator folder allowing ip only. use rather strong pass. user registration enabled, captcha , e-mail confirmation. have categories registered users , content set registered (to avoid cross-settings). php safe mode off. register globals off. emulate register globals off. in nutshell, did taught should do. still, 92%.
what's there more? maybe remaining 8% due 3rd party extensions, modules , bots.so... site safe? i'm new joomla! (1 month old, actually).
hi,
just commenting on sh404sef part : there has been security alert sh404sef on october 23. please read : http://extensions.siliana.net/en/2007102266/general/security-update-october-23-2007.html. patches , updated versions have been released same day, , announced wherever possible. versions affected t, u , w.
last version, released last sunday, integrates security component, performing various tests , checks on incoming url , post data, increase security. please read : http://extensions.siliana.net/en/2007111868/sh404sef-and-url-rewriting/sh404sef-version-1.3-is-available.html
best regards
just commenting on sh404sef part : there has been security alert sh404sef on october 23. please read : http://extensions.siliana.net/en/2007102266/general/security-update-october-23-2007.html. patches , updated versions have been released same day, , announced wherever possible. versions affected t, u , w.
last version, released last sunday, integrates security component, performing various tests , checks on incoming url , post data, increase security. please read : http://extensions.siliana.net/en/2007111868/sh404sef-and-url-rewriting/sh404sef-version-1.3-is-available.html
best regards
Comments
Post a Comment