Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Linux Format Article - Secure Joomla Installation

    Încărcat de

    Panos Kalantzis
    144 vizualizări4 pagini

    Drepturi de autor

    © Attribution Non-Commercial (BY-NC)

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Indicator pentru conținut neadecvat
    144 vizualizări4 pagini

    Linux Format Article - Secure Joomla Installation

    Încărcat de

    Panos Kalantzis

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Indicator pentru conținut neadecvat
    din 4

    THEMA JOOMLA 21-02-08 12:28 MM 64

    JOOMLA


    !
    site ,
    modules; T (CMS) .
    Joomla! CMS
    ....

    Joomla! (Content
    Management System, CMS) Web sites portals. H ,
    , . ,
    , ,
    Web
    site . Joomla! , ,
    .
    , Web site ,
    :
    1. Web server Apache 1.3.x PHP 4.2.x
    2. B MySQL 3.23.x
    E, PHP MySQL, XML
    zLib. E ,
    Joomla!

    TOY ANAITH
    X. KAANTZH
    O
    A .
    ,
    A

    M T
    A.

    , M.

    64

    LINUX FORMAT

    E
    H Joomla! 6 .
    M
    http://www.joomlacode.org. ,


    . , , , ,
    server
    site. ,
    1.0.14 Release Candidate 1.
    1. T
    :
    bash-3.2$ unzip -x Joomla_1.0.14-RC1-Full_
    Package.zip
    E, Web server, FTP. M
    , browser
    (http://www.yoursite.gr). A
    ,
    Joomla!. ( 1)
    H Joomla! , ,
    .
    T Web sites Joomla!. T
    PHP
    /
    .
    A , ,
    Joomla! ( 2).
    A , ,

    THEMA JOOMLA 21-02-08 12:28 MM 65

    YTHMATA IAXEIPIH EPIEXOMENOY

    BHMA PO BHMA: EKATATAH JOOMLA!


    1

    H , OK.

    Step 1 MySQL.

    Step 3, URL, path Joomla!


    .

    A .

    Step 2, Web site.

    LINUX FORMAT

    65

    THEMA JOOMLA 21-02-08 12:28 MM 66

    JOOMLA

    , .
    3 ,
    , ,

    ( 3). , ,
    .
    , site (
    4). T, Joomla!, URL site , e-mail,
    admin ( 5). O

    ,

    Joomla!,
    ' . M
    .
    A ,

    Web site ( 6),
    server,
    , installation.

    ENHMEPEITE!
    T sites



    Joomla!.
    P :
    n B
    Joomla!:
    http://secunia.com/search/?search
    =Joomla
    n
    Joomla!:
    http://forum.joomla.org/index.php
    /board,267.0.html
    http://forum.joomla.org/index.php
    /topic,75376.0.html
    n M Checklist
    Joomla!
    http://tinyurl.com/2v67o4

    66

    LINUX FORMAT

    M Joomla! Web
    sites, , ,
    , . A
    .
    O
    Joomla! . A , , Joomla!,
    bugs ,
    , .
    E,
    , 5 PHP,
    ,
    4.
    O Web site
    ,
    ,
    /
    configuration.php, . E , , / Joomla!. ' ,
    chmod 644 chmod
    755 . M
    ,
    Web site .
    E ,
    modules components
    Joomla!. E , , module

    server , ... M
    Joomla!,

    Site Global Configuration Server, --chmod 644


    --chmod 755
    .
    , ,
    installation
    Joomla!. E, Web site
    server. E, admin
    "",
    . E "" , , 8

    .
    E Web site Joomla!, .htaccess , module
    mod_rewrite Apache Web server. T
    .htaccess
    , modules
    components Joomla! .

    PHP
    M
    Joomla!, ,
    :
    "PHP register_globals setting is 'ON' instead of
    'OFF'."
    A register_globals
    PHP , server, GET POST, cookies, global . A , ,
    "variables injection attacks"
    ( ). , php.ini
    Web server , . O . A
    ""
    php.ini,
    Joomla!. ,
    servers Web hosting,
    . ,
    ,
    PHP server :
    # PHP5
    php_value register_globals off

    # PHP4
    register_globals = 0
    Y
    ,

    THEMA JOOMLA 21-02-08 12:29 MM 67

    JOOMLA

    Joomla! php.ini. ,
    SQL injection ( SQL ),
    php.ini :
    allow_url_fopen = OFF
    disable_functions = show_source, system, shell_
    exec, passthru, exec, phpinfo, popen, proc_open
    H fopen wrappers. H
    PHP.
    N :
    shows_source:
    highlight_file(),
    PHP.
    system: .
    shell_exec:
    .
    exec: .
    passthru: exec() ,
    .
    phpinfo:
    PHP site -
    .
    popen: pipe .
    proc_open: popen(),
    .
    M , disable_functions
    scripts . , ,

    modules components
    Joomla! PHP ,
    , , .
    E, ( backup)
    site ...
    O Joomla!
    php.ini .htaccess.
    .htaccess, php.ini,
    php.ini. H , , :
    Joomla!
    .php.


    A,
    , administration .htpasswd. /administration, :
    .htaccess .htpasswd. T .htaccess :
    AuthType Basic
    AuthName "Joomla Administrator"
    AuthUserFile /full/path/to/joomla/administrator/
    .htpasswd
    <Limit GET>
    require valid-user
    </Limit>
    , (

    Joomla)
    , on-line .htpasswd,
    .htaccess Tools (http://www.htaccesstools.com/
    htpasswd-generator/). T
    username ,
    .htpasswd. T,
    Joomla!
    ( log in).
    T Joomla!, ,
    , modules components
    , .

    PHOPH
    YMBOYH
    M
    . O,
    ,
    ( )


    .


    ,

    E
    tutorial
    Joomla!
    CMS. M Joomla! ,

    portals,
    (
    ),
    Web site .

    , ,
    , . ( )
    . ' ,

    . O,

    . O ( )
    ,

    SQL , .
    n

    EKAOO AAEIA

    Joomla!,
    :
    n E
    .
    n A ,
    , installation.
    n M
    ,
    configuration.php
    .
    n O

    . E
    ,


    .
    n .htaccess
    ,

    .
    n X "" .
    n P php.ini,
    register_globals OFF,
    scripts.
    n authentication
    Joomla!
    .htaccess/.htpasswd.
    n .
    n .

    LINUX FORMAT

    67

    S-ar putea să vă placă și